EUVD-2024-31820

Malicious code in bioql PyPI...

CVE-2025-58790 WordPress Kiwi Plugin <= 2.1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPKube Kiwi kiwi-social-share allows Stored XSS.This issue affects Kiwi: from n/a through = 2.1.8...

CVE-2025-58790

CVE-2025-58790 : WordPress Kiwi Plugin

WordPress Kiwi Plugin <= 2.1.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by theviper17 in WordPress Plugin Kiwi versions = 2.1.8...

WordPress plugin Kiwi 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

CVE-2024-3228

The Social Sharing Plugin – Kiwi plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.1.7 via the 'kiwi-nw-pinterest' class. This makes it possible for unauthenticated attackers to view limited content from password protected posts...

WordPress Kiwi plugin <= 2.1.7 - Information Disclosure vulnerability

Information Disclosure vulnerability discovered by Krzysztof Zając in WordPress Plugin Kiwi versions = 2.1.7...

CVE-2024-3228

The Social Sharing Plugin – Kiwi plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.1.7 via the 'kiwi-nw-pinterest' class. This makes it possible for unauthenticated attackers to view limited content from password protected posts...

CVE-2024-3228

The Social Sharing Plugin – Kiwi plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.1.7 via the 'kiwi-nw-pinterest' class. This makes it possible for unauthenticated attackers to view limited content from password protected posts...

CVE-2024-3228

The CVE-2024-3228 entry concerns The Social Sharing Plugin – Kiwi for WordPress. Affected: all versions up to and including 2.1.7. Root cause: Information Exposure via the kiwi-nw-pinterest class, enabling unauthenticated attackers to view limited content from password-protected posts. Public ref...

WordPress Kiwi Plugin <= 2.1.7 is vulnerable to Sensitive Data Exposure

Software Kiwi Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-3228 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4e7034ad8403 Credits Krzysztof Zając Required privilege...

WordPress plugin Kiwi security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Cross site request forgery (csrf)

The kiwi-logo-carousel plugin before 1.7.2 for WordPress has CSRF with resultant XSS via the wp-admin/edit.php?posttype=kwlogos&page=kwlogossettings tab or tabflagsorder parameter...