9 matches found
CVE-2025-1436
The Limit Bio WordPress plugin through 1.0 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2025-1436
The Limit Bio WordPress plugin through 1.0 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-13884
The Limit Bio WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2025-1436 Limit Bio <= 1.0 - Stored XSS via CSRF
The Limit Bio WordPress plugin through 1.0 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-13884 Limit Bio <= 1.0 - Reflected XSS
The Limit Bio WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress plugin Limit Bio 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2025-11155 · WordPress · Limit Bio Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Limit Bio WordPress plugin versions 1.0 and earlier Description: The issue concerns a lack of CSRF check when updating settings in the Limit Bio WordPress plugin, along with missing sanitization and escaping. This could allow attackers to mak...
PT-2025-11147 · WordPress · Limit Bio Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Limit Bio WordPress plugin versions 1.0 and earlier Description: The issue arises from the plugin not sanitizing and escaping a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. This could be used...
WordPress Limit Bio plugin <= 1.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Limit Bio versions = 1.0...