6276 matches found
WordPress plugin Category Posts Widget 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Simple add pages or posts plugin <= 2.0.0 - Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Simple Add Pages or Posts versions = 2.0.0...
CVE-2025-21613
creationtimestamp| type| source ---|---|--- 2025-01-06 17:16:40+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf3n7ej2uw22 2025-01-06 17:49:11+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/113782669240994944 2025-01-06 19:26:23+00:00| seen|...
CVE-2024-13145
creationtimestamp| type| source ---|---|--- 2025-01-06 00:37:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113778614006646037 2025-01-06 01:15:24+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lezxihyv4t25 2025-01-06 01:37:35+00:00| seen|...
GHSA-5JH2-6V7C-86VJ
creationtimestamp| type| source ---|---|--- 2025-01-05 01:30:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/35 2025-01-05 01:32:15+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/50 2025-01-05 01:34:55+00:00| published-proof-of-concept|...
CVE-2024-11733
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...
CVE-2024-11733 WordPress Popular Posts <= 7.1.0 - Unauthenticated Arbitrary Shortcode Execution
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...
CVE-2024-11733 WordPress Popular Posts <= 7.1.0 - Unauthenticated Arbitrary Shortcode Execution
The The WordPress Popular Posts plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 7.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possib...
CVE-2024-11733
CVE-2024-11733 concerns WordPress Popular Posts for WordPress. Affected: all versions up to and including 7.1.0. Root cause: unvalidated value is passed to do_shortcode, allowing an attacker to trigger shortcode execution. Impact: unauthenticated attackers can execute arbitrary shortcodes, enabli...
Friday Squid Blogging: Anniversary Post
I made my first squid post nineteen years ago this week. Between then and now, I posted something about squid every week with maybe only a few exceptions. There is a lot out there about squid, even more if you count the other meanings of the word. Blog moderation policy...
WordPress Popular Posts plugin <= 7.1.0 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by mikemyers in WordPress Plugin Popular Posts versions = 7.1.0...
CVE-2024-56262
creationtimestamp| type| source ---|---|--- 2025-01-02 12:21:34+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2tyuxa22a 2025-01-02 12:42:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ler3zporn52r 2025-01-02 14:14:57+00:00| seen|...
CVE-2024-56259
creationtimestamp| type| source ---|---|--- 2025-01-02 12:21:27+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2trqej52i 2025-01-02 12:42:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ler3zq67lm2g 2025-01-02 14:15:07+00:00| seen|...
CVE-2024-37518
creationtimestamp| type| source ---|---|--- 2025-01-02 12:19:38+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2qkge732i 2025-01-02 18:08:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113760095804141325...
CVE-2024-37448
creationtimestamp| type| source ---|---|--- 2025-01-02 12:19:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2pihnrt2i 2025-01-02 17:08:22+00:00| seen| https://infosec.exchange/users/cve/statuses/113759859632900813...
CVE-2023-45636
creationtimestamp| type| source ---|---|--- 2025-01-02 12:15:59+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2jzaqv32i 2025-01-02 12:38:04+00:00| seen| https://infosec.exchange/users/cve/statuses/113758796727499328...
CVE-2023-46637 WordPress Generate Dummy Posts plugin <= 1.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Saurav Sharma Generate Dummy Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Generate Dummy Posts: from n/a through 1.0.0...
CVE-2024-12595
creationtimestamp| type| source ---|---|--- 2025-01-02 06:15:24+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3leqgfaacn52m 2025-01-02 06:47:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3leqi6btdre2q 2025-01-02 08:23:27+00:00| seen|...
PT-2025-1526 · Unknown · Generate Dummy Posts
Name of the Vulnerable Software and Affected Versions: Generate Dummy Posts versions 1.0.0 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can lead to unauthorized access du...
CVE-2025-0167
creationtimestamp| type| source ---|---|--- 2024-12-31 23:33:36+00:00| seen| https://mastodon.social/users/bagder/statuses/113750049544852986 2024-12-31 23:33:49+00:00| seen| https://bsky.app/profile/bagder.mastodon.social.ap.brid.gy/post/3len7hvuu46i2 2025-02-05 07:24:03+00:00| seen|...