WordPress WP Latest Posts plugin <= 5.0.11 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP Latest Posts versions = 5.0.11...

CERTFR-2026-ACT-027

creationtimestamp| type| source ---|---|--- 2026-06-22 13:28:44+00:00| seen| https://bsky.app/profile/cert-fr.bsky.social/post/3mouyjlshrm2z 2026-06-22 13:29:08+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/116793994374387639 2026-06-22 13:36:55+00:00| seen|...

CVE-2024-48509

creationtimestamp| type| source ---|---|--- 2026-06-22 09:07:07+00:00| seen| https://bsky.app/profile/potato.software/post/3moujvrjoc22f 2026-06-22 09:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3moujvqbawm2i...

CVE-2025-66336

creationtimestamp| type| source ---|---|--- 2026-06-22 05:11:18+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mou4q3l4li2d 2026-06-22 11:50:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mouszmlsfm2j 2026-06-23 02:30:32+00:00| seen|...

CVE-2016-5681

creationtimestamp| type| source ---|---|--- 2026-06-22 03:33:58+00:00| seen| https://bsky.app/profile/ahmandonk.bsky.social/post/3motxbzt5uj2u 2026-06-22 08:01:23+00:00| seen| https://bsky.app/profile/potato.software/post/3mouga7voxc2f 2026-06-22 08:01:23+00:00| seen|...

CVE-2025-71357

creationtimestamp| type| source ---|---|--- 2026-06-21 16:28:41+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3moss4gcist27 2026-06-21 17:23:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mosv6sga2a2k...

CVE-2026-12786

creationtimestamp| type| source ---|---|--- 2026-06-21 09:00:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116787277091790305 2026-06-21 11:45:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3moscbep5rm2n...

CVE-2026-12780

creationtimestamp| type| source ---|---|--- 2026-06-21 06:00:27+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3moroz2af4t2o 2026-06-21 06:00:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116786569196289935 2026-06-22 12:39:57+00:00| seen|...

CVE-2026-52717

creationtimestamp| type| source ---|---|--- 2026-06-20 18:20:18+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3moqhv2i2ok2w 2026-06-20 18:20:18+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3moqhuzmfw22w...

CVE-2026-11912

creationtimestamp| type| source ---|---|--- 2026-06-20 11:59:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mopsmtdged2h 2026-06-20 12:00:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mopsnvc2xj2l 2026-06-20 12:00:39+00:00| seen|...

CVE-2026-56082

creationtimestamp| type| source ---|---|--- 2026-06-19 23:24:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mooifngnaj2q 2026-06-20 01:01:13+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3moonsslcpx2x...

CVE-2026-50559

creationtimestamp| type| source ---|---|--- 2026-06-19 20:57:38+00:00| seen| https://bsky.app/profile/suriq.io/post/3mooa7iyulz2r 2026-06-19 22:18:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mooeqikk4j2g...

CVE-2026-7515

creationtimestamp| type| source ---|---|--- 2026-06-19 09:00:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3momy567jwx2t 2026-06-19 09:00:34+00:00| seen| https://infosec.exchange/users/offseq/statuses/116775952596013865 2026-06-22 00:39:28+00:00| seen|...

CVE-2026-9013

CVE-2026-9013 affects the WordPress Bogo plugin (

EUVD-2026-37983

The Bogo plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.9.1 via the bogorestcreateposttranslation. This makes it possible for authenticated attackers, with subscriber-level access and above, to extract the raw title, content, excerpt,...

CVE-2026-5667

creationtimestamp| type| source ---|---|--- 2026-06-18 18:13:12+00:00| seen| https://bsky.app/profile/r-netsec-bot.bsky.social/post/3molgkjvhag2n 2026-06-18 18:54:32+00:00| seen| https://bsky.app/profile/r-netsec.bsky.social/post/3moliuhtdar2v...

CVE-2026-54219

UBB.threads is vulnerable to Stored XSS via user posts and user profile fields. The application fails to properly sanitize user input, allowing low privileged attackers to inject arbitrary JavaScript that executes in a victim's browser upon viewing. Because vendor contact attempts were...

CVE-2026-11717

creationtimestamp| type| source ---|---|--- 2026-06-18 13:18:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mokw33ts7e2e 2026-06-18 15:30:22+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mol5hf2ood27 2026-06-18 15:30:29+00:00| seen|...

CVE-2026-11718

creationtimestamp| type| source ---|---|--- 2026-06-18 13:13:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mokvs5esly2y 2026-06-18 14:00:17+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mokygbvzep2c 2026-06-18 14:00:30+00:00| seen|...

CVE-2026-54219

UBB.threads is vulnerable to a Stored XSS flaw via user posts and profile fields due to insufficient input sanitization. In the confirmed case, version 7.7.5 is affected, and low-privilege attackers can inject JavaScript that executes in a victim’s browser when viewing content. Other versions may...