9 matches found
CVE-2026-49051 WordPress WP Meta and Date Remover plugin <= 2.3.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in Prasad Kirpekar WP Meta and Date Remover allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Meta and Date Remover: from n/a through 2.3.6...
WordPress WP Meta and Date Remover plugin <= 2.3.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin WP Meta and Date Remover versions = 2.3.6...
EUVD-2023-51931
Malicious code in bioql PyPI...
CVE-2023-4823
The WP Meta and Date Remover WordPress plugin before 2.2.0 provides an AJAX endpoint for configuring the plugin settings. This endpoint has no capability checks and does not sanitize the user input, which is then later output unescaped. Allowing any authenticated users, such as subscriber change...
CVE-2023-47836
Missing Authorization vulnerability in prasadkirpekar WP Meta and Date Remover wp-meta-and-date-remover allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meta and Date Remover: from n/a through = 2.3.0...
CVE-2023-47836
Missing Authorization vulnerability in prasadkirpekar WP Meta and Date Remover wp-meta-and-date-remover allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Meta and Date Remover: from n/a through = 2.3.0...
Cross site scripting
The WP Meta and Date Remover WordPress plugin before 2.2.0 provides an AJAX endpoint for configuring the plugin settings. This endpoint has no capability checks and does not sanitize the user input, which is then later output unescaped. Allowing any authenticated users, such as subscriber change...
CVE-2023-4823
CVE-2023-4823 affects the WordPress plugin “WP Meta and Date Remover” (versions prior to 2.2.0). The vulnerability arises from an AJAX endpoint used to configure plugin settings that lacks capability checks and does not sanitize user input, with the input later output unescaped. This enables Stor...
WordPress WP Meta and Date Remover Plugin < 1.9.10 is vulnerable to Cross Site Scripting (XSS)
Software WP Meta and Date Remover Type Plugin Vulnerable versions 1.9.10 Fixed in 1.9.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2f546a378ae2 Credits Rafie Muhammad Patchsta...