WordPress Pearl plugin <= 1.3.8 - Cross-Site Request Forgery to Header Deletion vulnerability

Cross-Site Request Forgery to Header Deletion vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin Pearl versions = 1.3.8...

EUVD-2024-46682

Malicious code in bioql PyPI...

CVE-2022-38356

Cross-Site Request Forgery CSRF vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin = 1.3.4 versions...

WordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Mika in WordPress Plugin Pearl versions = 1.3.9...

CVE-2025-31881

Technical details for CVE-2025-31881 are not provided in the supplied documents. No specific vendor, product version, affected component, exploit info, or remediation is present. Monitor official advisories and the CVE entry for future updates.

CVE-2025-31880 WordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stylemix Pearl pearl-header-builder allows Cross Site Request Forgery.This issue affects Pearl: from n/a through = 1.3.9...

CVE-2025-31880 WordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stylemix Pearl allows Cross Site Request Forgery. This issue affects Pearl: from n/a through 1.3.9...

WordPress plugin Pearl 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress plugin Pearl 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Pearl 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2024-5468

The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to unauthorized site option deletion due to a missing validation and capability checks on the stmhbdelete function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to...

CVE-2024-5468

The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to unauthorized site option deletion due to a missing validation and capability checks on the stmhbdelete function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to...

CVE-2024-5468

The CVE-2024-5468 entry corresponds to WordPress Header Builder Plugin – Pearl (≤ 1.3.7). It describes an unauthorized deletion of arbitrary site options due to missing validation and capability checks in stm_hb_delete(), exploitable by unauthenticated attackers and potentially enabling DoS. Publ...

WordPress plugin Pearl security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress Pearl plugin <= 1.3.7 - Missing Authorization to Unauthenticated Arbitrary Site Options Deletion vulnerability

Missing Authorization to Unauthenticated Arbitrary Site Options Deletion vulnerability discovered by Lucio Sá in WordPress Plugin Pearl versions = 1.3.7...

WordPress Pearl Plugin <= 1.3.7 is vulnerable to Broken Access Control

Software Pearl Type Plugin Vulnerable versions = 1.3.7 Fixed in 1.3.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5468 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 816d74377350 Credits Lucio Sá Required privilege...

CVE-2024-4000 WordPress Header Builder Plugin – Pearl <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'stmhb' shortcode in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

CVE-2024-4000 WordPress Header Builder Plugin – Pearl <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The WordPress Header Builder Plugin – Pearl plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'stmhb' shortcode in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

PT-2024-28758 · WordPress · Wordpress Header Builder Plugin

Name of the Vulnerable Software and Affected Versions: WordPress Header Builder Plugin – Pearl plugin for WordPress versions up to, and including, 1.3.6 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'stm hb' shortcode due to insufficient input sanitization and...

WordPress plugin Pearl 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...