CVE-2025-60227

CVE-2025-60227 is a path traversal vulnerability in the WordPress WP Pipes plugin, caused by improper limitation of a pathname to a restricted directory. Affected product/version: WordPress WP Pipes plugin versions

CVE-2025-60227 WordPress WP Pipes plugin <= 1.4.3 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in ThimPress WP Pipes wp-pipes allows Path Traversal.This issue affects WP Pipes: from n/a through = 1.4.3...

WordPress plugin WP Pipes 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A path travers...

EUVD-2023-44632

Malicious code in bioql PyPI...

EUVD-2024-50741

Malicious code in bioql PyPI...

CVE-2025-28977 WordPress WP Pipes Plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress WP Pipes allows Reflected XSS. This issue affects WP Pipes: from n/a through 1.4.3...

CVE-2025-28977 WordPress WP Pipes Plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress WP Pipes allows Reflected XSS. This issue affects WP Pipes: from n/a through 1.4.3...

WordPress WP Pipes Plugin <= 1.4.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by LVT-tholv2k in WordPress Plugin WP Pipes versions = 1.4.3...

WordPress plugin WP Pipes 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress WP Pipes SQL Injection Vulnerability

WordPress WP Pipes is an auto-collection plugin for WordPress, mainly used to merge the content of multiple RSS feeds into a new RSS feed, and supports regular updates and customized filtering features. WordPress WP Pipes suffers from a SQL injection vulnerability that stems from improper handlin...

CVE-2025-28982 WordPress WP Pipes plugin <= 1.4.3 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in ThimPress WP Pipes allows SQL Injection. This issue affects WP Pipes: from n/a through 1.4.3...

WordPress plugin WP Pipes SQL注入漏洞

WordPress WP Pipes is an auto-collection plugin for WordPress, mainly used to merge the content of multiple RSS feeds into a new RSS feed, and supports regular updates and customized filtering features. WordPress WP Pipes suffers from a SQL injection vulnerability that stems from improper handlin...

WordPress WP Pipes plugin <= 1.4.3 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by LVT-tholv2k in WordPress Plugin WP Pipes versions = 1.4.3...

CVE-2024-12283

The WP Pipes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘x1’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

CVE-2023-40009

Cross-Site Request Forgery CSRF vulnerability in ThimPress WP Pipes plugin = 1.4.0 versions...

CVE-2024-12283

The WP Pipes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘x1’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

CVE-2024-12283

CVE-2024-12283 refers to the WP Pipes plugin for WordPress. It allows a Reflected Cross-Site Scripting (XSS) via the x1 parameter in all versions up to and including 1.4.1 due to insufficient input sanitization and output escaping. The vulnerability is exploitable by unauthenticated attackers who...

CVE-2024-12283 WP Pipes <= 1.4.1 - Reflected Cross-Site Scripting via x1 Parameter

The WP Pipes plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘x1’ parameter in all versions up to, and including, 1.4.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

PT-2024-17526 · WordPress · Wp Pipes

Name of the Vulnerable Software and Affected Versions: WP Pipes plugin for WordPress versions up to, and including, 1.4.1 Description: The issue is related to Reflected Cross-Site Scripting via the x1 parameter due to insufficient input sanitization and output escaping. This allows unauthenticate...

WordPress WP Pipes plugin <= 1.4.1 - Reflected Cross-Site Scripting via x1 Parameter vulnerability

Reflected Cross-Site Scripting via x1 Parameter vulnerability discovered by vgo0 in WordPress Plugin WP Pipes versions = 1.4.1...