27 matches found
CVE-2025-59580
Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through 2.1.7...
EUVD-2025-35430
Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through 2.1.7...
CVE-2025-59580
Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through 2.1.7...
CVE-2025-59580
The CVE covers the WordPress Goodlayers Core plugin (goodlayers-core) with a Privilege Escalation due to Incorrect Privilege Assignment in versions prior to 2.1.7. The issue is classified as high severity (CVSS 3.1: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and affects the plugin by allowing privilege...
CVE-2025-59580 WordPress Goodlayers Core plugin < 2.1.7 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through 2.1.7...
CVE-2025-59580 WordPress Goodlayers Core plugin < 2.1.7 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through 2.1.7...
WordPress plugin Goodlayers Core 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
EUVD-2024-34050
Malicious code in bioql PyPI...
EUVD-2024-50640
Malicious code in bioql PyPI...
WordPress Goodlayers Core plugin < 2.1.7 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Bonds in WordPress Plugin Goodlayers Core versions 2.1.7...
CVE-2024-11200
The Goodlayers Core plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘font-family’ parameter in all versions up to, and including, 2.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...
CVE-2024-11357
The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress GoodLayers Core plugin < 2.1.3 - Subscriber+ Stored XSS via SVG Upload vulnerability
Subscriber+ Stored XSS via SVG Upload vulnerability discovered by Amine SAJID in WordPress Plugin Goodlayers Core versions 2.1.3...
CVE-2024-12163
The goodlayers-core WordPress plugin before 2.1.3 allows users with a subscriber role and above to upload SVGs containing malicious payloads...
CVE-2024-12163 GoodLayers Core < 2.1.3 - Subscriber+ Stored XSS via SVG Upload
The goodlayers-core WordPress plugin before 2.1.3 allows users with a subscriber role and above to upload SVGs containing malicious payloads...
CVE-2024-12163
CVE-2024-12163 affects the WordPress plugin Goodlayers Core (Goodlayers Core) before version 2.1.3. The issue, as described in multiple sources, allows users with the Subscriber role and above to upload SVG files containing malicious payloads, enabling a stored Cross-Site Scripting (XSS) conditio...
CVE-2024-12163 GoodLayers Core < 2.1.3 - Subscriber+ Stored XSS via SVG Upload
The goodlayers-core WordPress plugin before 2.1.3 allows users with a subscriber role and above to upload SVGs containing malicious payloads...
WordPress plugin goodlayers-core 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability in...
WordPress Goodlayers Core plugin < 2.0.10 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Goodlayers Core versions 2.0.10...
CVE-2024-11357
The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...