6279 matches found
CVE-2024-9020 List category posts < 0.90.3 - Author+ Stored XSS
The List category posts WordPress plugin before 0.90.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2025-23209
creationtimestamp| type| source ---|---|--- 2025-01-18 00:57:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2270 2025-01-18 01:15:48+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfy54asrpp2f 2025-01-18 01:48:56+00:00| seen|...
PT-2025-3706 · WordPress · List Category Posts
Name of the Vulnerable Software and Affected Versions: List category posts WordPress plugin versions prior to 0.90.3 Description: The issue concerns the List category posts WordPress plugin, where versions prior to 0.90.3 do not validate and escape some of its shortcode attributes before outputti...
WordPress plugin Evergreen Content Poster 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
CVE-2025-0534
creationtimestamp| type| source ---|---|--- 2025-01-17 18:41:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113845158942867513 2025-01-17 18:57:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2189 2025-01-17 19:15:52+00:00| seen|...
CERTFR-2025-ACT-002
creationtimestamp| type| source ---|---|--- 2025-01-17 16:45:05+00:00| seen| https://bsky.app/profile/infosecfr.skyfleet.blue/post/3lfxakzi2ev2w 2025-01-20 13:10:41+00:00| seen| https://bsky.app/profile/ag6218ent.bsky.social/post/3lg6fyfd7ww2y...
CVE-2024-37601
creationtimestamp| type| source ---|---|--- 2025-01-17 13:35:06+00:00| seen| https://poliverso.org/objects/0477a01e-45ff02b8-52616ac586aa8672 2025-01-20 18:30:05+00:00| seen| https://t.me/truesecator/6638 2025-02-13 23:15:47+00:00| seen|...
CVE-2024-52281
creationtimestamp| type| source ---|---|--- 2025-01-17 03:05:34+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lfvsrmnemd2z 2025-01-17 04:00:36+00:00| seen| https://bsky.app/profile/dinosn.bsky.social/post/3lfvvtwzne22g 2025-01-17 04:19:42+00:00| seen|...
CVE-2024-51462
creationtimestamp| type| source ---|---|--- 2025-01-17 02:28:36+00:00| seen| https://infosec.exchange/users/cve/statuses/113841334923797565 2025-01-17 02:56:08+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2092 2025-01-17 03:15:46+00:00| seen|...
CVE-2025-23955
creationtimestamp| type| source ---|---|--- 2025-01-16 21:21:09+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfv7jqboco2e 2025-01-16 21:49:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lfvb47epkl2b 2025-01-16 22:56:01+00:00| seen|...
CVE-2025-23963
Missing Authorization vulnerability in flymke Mark Posts mark-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through = 2.2.4...
CVE-2025-23764
Missing Authorization vulnerability in ujjavaljani Copy Move Posts copy-move-posts.This issue affects Copy Move Posts: from n/a through = 1.6...
CVE-2025-23476
Cross-Site Request Forgery CSRF vulnerability in isnowfy my-related-posts my-related-posts allows Stored XSS.This issue affects my-related-posts: from n/a through = 1.1...
CVE-2025-23764 WordPress Copy Move Posts plugin <= 1.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in ujjavaljani Copy Move Posts copy-move-posts.This issue affects Copy Move Posts: from n/a through = 1.6...
CVE-2025-23476
CVE-2025-23476 is a CSRF to Stored XSS vulnerability in the WordPress plugin my-related-posts (up to version 1.1). The CVSS 3.1 base score is 7.1 (High) with network attack vector, low attack complexity, and user interaction required. Affected software is the my-related-posts plugin for WordPress...
CVE-2025-23476 WordPress my-related-posts plugin <= 1.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in isnowfy my-related-posts my-related-posts allows Stored XSS.This issue affects my-related-posts: from n/a through = 1.1...
CVE-2024-57684
creationtimestamp| type| source ---|---|--- 2025-01-16 18:56:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2004 2025-01-16 19:16:16+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfuykgbpga2b 2025-01-16 19:24:57+00:00| seen|...
WordPress Mark Posts plugin <= 2.2.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Mark Posts versions = 2.2.4...
WordPress Delete All Posts plugin <= 1.1.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika in WordPress Plugin Delete All Posts versions = 1.1.1...
WordPress Copy Move Posts plugin <= 1.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika in WordPress Plugin Copy Move Posts versions = 1.6...