6279 matches found
CVE-2025-10163
Summary: WordPress plugin List category posts (versions
CVE-2025-10163 List Category Posts <= 0.91.0 - Authenticated (Contributor+) SQL Injection via Plugin's Shortcode
The List category posts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘startingwith’ parameter of the catlist shortcode in all versions up to, and including, 0.91.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2025-10163 List Category Posts <= 0.91.0 - Authenticated (Contributor+) SQL Injection via Plugin's Shortcode
The List category posts plugin for WordPress is vulnerable to time-based SQL Injection via the ‘startingwith’ parameter of the catlist shortcode in all versions up to, and including, 0.91.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
WordPress List Category Posts plugin <= 0.91.0 - Authenticated (Contributor+) SQL Injection via Plugin's Shortcode vulnerability
Authenticated Contributor+ SQL Injection via Plugin's Shortcode vulnerability discovered by Khanh Nguyen - BlueRock - BlueRock in WordPress Plugin List category posts versions = 0.91.0...
CVE-2025-11412
creationtimestamp| type| source ---|---|--- 2025-12-11 00:30:27+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7od2756u523 2025-12-11 00:30:37+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7od2j6xti2p 2025-12-11 06:48:37+00:00| seen|...
CVE-2025-11414
creationtimestamp| type| source ---|---|--- 2025-12-11 00:30:27+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7od2756u523 2025-12-11 00:30:37+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3m7od2j6xti2p 2025-12-11 06:48:37+00:00| seen|...
CVE-2025-67510
creationtimestamp| type| source ---|---|--- 2025-12-11 00:02:58+00:00| seen| https://infosec.exchange/users/offseq/statuses/115697999974272387 2025-12-11 00:02:59+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m7obj33kme2n 2025-12-11 01:10:24+00:00| seen|...
WordPress plugin List category posts SQL注入漏洞
WordPress List category posts is a feature-rich WordPress plugin , mainly through the catlist short code to achieve the function . WordPress List category posts has a SQL injection vulnerability, the vulnerability stems from the existence of the startingwith parameter time-based SQL injection, an...
PT-2025-50649
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed user-supplied HTML to inject DOM elements with IDs that collided with server-initialized data islands. These collisions could overwrite or shadow critical application state objects used by...
CVE-2025-49351
Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...
CVE-2025-13339
creationtimestamp| type| source ---|---|--- 2025-12-10 07:10:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m7miwp5sjw2y 2025-12-10 07:45:41+00:00| seen| https://gist.github.com/Darkcrai86/54a35bd8d99ef7098f2e2b7b8465278c 2025-12-10 08:07:48+00:00| seen|...
CVE-2025-9056
creationtimestamp| type| source ---|---|--- 2025-12-10 04:34:40+00:00| seen| https://infosec.exchange/users/offseq/statuses/115693406042917432 2025-12-10 04:34:42+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m7ma7ytwwo2m 2025-12-10 04:55:26+00:00| seen|...
EUVD-2025-202041
Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...
CVE-2025-49351
Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...
CVE-2025-49351
CVE-2025-49351 is a CSRF vulnerability in the WordPress plugin Create Posts & Terms (plugin slug: create-posts-terms), affecting versions up to and including 1.3.1. The connected documents specify that the flaw allows Cross-Site Request Forgery which can lead to Stored XSS. Root cause and exact v...
CVE-2025-49351
Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...
CVE-2025-49351 WordPress Create Posts & Terms plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...
CVE-2025-49351 WordPress Create Posts & Terms plugin <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...
WordPress plugin Create Posts Terms 跨站请求伪造漏洞
...
PT-2025-49986
Cross-Site Request Forgery CSRF vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Create Posts & Terms: from n/a through = 1.3.1...