110 matches found
WordPress Popular Posts by Webline plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Popular Posts by Webline versions = 1.1.1...
CVE-2022-43468
External initialization of trusted variables or data stores vulnerability exists in WordPress Popular Posts 6.0.5 and earlier, therefore the vulnerable product accepts untrusted external inputs to update certain internal variables. As a result, the number of views for an article may be manipulate...
CVE-2021-20746
Cross-site scripting vulnerability in WordPress Popular Posts 5.3.2 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...
CVE-2025-22705
Cross-Site Request Forgery CSRF vulnerability in godthor Disqus Popular Posts disqus-popular-posts allows Reflected XSS.This issue affects Disqus Popular Posts: from n/a through = 2.1.1...
CVE-2025-22705
Cross-Site Request Forgery CSRF vulnerability in godthor Disqus Popular Posts disqus-popular-posts allows Reflected XSS.This issue affects Disqus Popular Posts: from n/a through = 2.1.1...
CVE-2025-22705 WordPress Disqus Popular Posts plugin <= 2.1.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in godthor Disqus Popular Posts disqus-popular-posts allows Reflected XSS.This issue affects Disqus Popular Posts: from n/a through = 2.1.1...
CVE-2025-22705 WordPress Disqus Popular Posts plugin <= 2.1.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in godthor Disqus Popular Posts disqus-popular-posts allows Reflected XSS.This issue affects Disqus Popular Posts: from n/a through = 2.1.1...
CVE-2025-22705
CVE-2025-22705 : A CSRF vulnerability in WordPress plugin Disqus Popular Posts (versions
PT-2025-6964 · Disqus · Disqus Popular Posts
Name of the Vulnerable Software and Affected Versions: Disqus Popular Posts versions through 2.1.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Reflected XSS. This means an attacker can trick a user into performing unintended actions on a web application...
CVE-2024-11733
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...
WordPress Disqus Popular Posts plugin <= 2.1.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability
CSRF to Reflected Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Disqus Popular Posts versions = 2.1.1...
CVE-2024-11733
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...
CVE-2024-11733 WordPress Popular Posts <= 7.1.0 - Unauthenticated Arbitrary Shortcode Execution
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...
CVE-2024-11733 WordPress Popular Posts <= 7.1.0 - Unauthenticated Arbitrary Shortcode Execution
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...
CVE-2024-11733
CVE-2024-11733 concerns WordPress Popular Posts for WordPress. Affected: all versions up to and including 7.1.0. Root cause: unvalidated value is passed to do_shortcode, allowing an attacker to trigger shortcode execution. Impact: unauthenticated attackers can execute arbitrary shortcodes, enabli...
WordPress Popular Posts plugin <= 7.1.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by mikemyers in WordPress Plugin Popular Posts versions = 7.1.0...
CVE-2023-47238
Cross-Site Request Forgery CSRF vulnerability in WebberZone Top 10 – WordPress Popular posts by WebberZone plugin = 3.3.2 versions...
CVE-2023-47238
Cross-Site Request Forgery CSRF vulnerability in WebberZone Top 10 – WordPress Popular posts by WebberZone plugin = 3.3.2 versions...
CVE-2023-47238
The CVE-2023-47238 entry concerns WebberZone Top 10 – WordPress Popular posts by WebberZone plugin. A CSRF vulnerability affects versions
WordPress Popular Posts < 6.3.3 - Contributor+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...