13 matches found
WordPress plugin TypeSquare Webfonts for ConoHa 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
EUVD-2014-1161
Malware in sbrugna...
EUVD-2021-11628
Malware in sbrugna...
EUVD-2023-24070
Malicious code in bioql PyPI...
CVE-2025-4691
The Free Booking Plugin for Hotels, Restaurants and Car Rentals – eaSYNC Booking plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.21 via the 'viewrequestdetails' due to missing validation on a user controlled key. This makes it...
CVE-2024-7963
The CMSMasters Content Composer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's multiple shortcodes in all versions up to, and including, 1.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Uptime Robot Plugin for WordPress plugin <= 2.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Uptime Robot Plugin for WordPress versions = 2.3...
CVE-2024-11012
CVE-2024-11012 (Notibar – Notification Bar for WordPress) is a vulnerability in the Notibar WordPress plugin where an authenticated user with Subscriber+ privileges can trigger arbitrary shortcode execution through the njt_nofi_text AJAX action. The root cause is lack of proper validation before ...
CVE-2024-5799 CM Pop-Up Banners for WordPress < 1.7.3 - Contributor+ Stored XSS
The CM Pop-Up Banners for WordPress plugin before 1.7.3 does not sanitise and escape some of its popup fields, which could allow high privilege users such as Contributors to perform Cross-Site Scripting attacks...
CVE-2019-15649
The insert-or-embed-articulate-content-into-wordpress plugin before 4.2999 for WordPress has insufficient restrictions on file upload...
slideoptinprox - XSS
The slideoptinprox WordPress plugin was affected by a XSS security vulnerability...
paypal-digital-goods-monetization-powered-by-cleeng <= 2.2.13 - XSS in ZeroClipboard
The paypal-digital-goods-monetization-powered-by-cleeng WordPress plugin was affected by a XSS in ZeroClipboard security vulnerability...
RokBox <= 2.13 - rokbox.php Direct Request Path Disclosure
The wprokbox WordPress plugin was affected by a rokbox.php Direct Request Path Disclosure security vulnerability...