CVE-2024-3733

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajaxloadmore , eaelwoopaginationproductajax, and ajaxeaelproductgallery...

CVE-2024-3733

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajaxloadmore , eaelwoopaginationproductajax, and ajaxeaelproductgallery...

WordPress plugin Essential Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-27482 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.15 Description: The issue allows unauthenticated attackers to extract posts that may be in private or draft status due to Sensitive Information Exposur...

WordPress plugin Elespare 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-32650

creationtimestamp| type| source ---|---|--- 2024-04-19 15:23:37+00:00| published-proof-of-concept| https://github.com/rustls/rustls/security/advisories/GHSA-6g7w-8wpp-frhj 2025-08-16 17:09:41+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lwjud4woks2g 2025-08-16...

Easy Custom Auto Excerpt < 2.5.0 - Sensitive Information Exposure

Description The Easy Custom Auto Excerpt plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.12. This makes it possible for unauthenticated attackers to obtain excerpts of password-protected posts...

CVE-2024-32549

Cross-Site Request Forgery CSRF vulnerability in Microkid Related Posts for WordPress allows Cross-Site Scripting XSS.This issue affects Related Posts for WordPress: from n/a through 4.0.3...

CVE-2024-32549 WordPress Related Posts for WordPress plugin <= 4.0.3 - CSRF to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Microkid Related Posts for WordPress allows Cross-Site Scripting XSS.This issue affects Related Posts for WordPress: from n/a through 4.0.3...

CVE-2024-32549

CVE-2024-32549 is a CSRF-to-XSS vulnerability in the WordPress plugin “Microkid Related Posts” that can affect sites using the plugin up to version 4.0.3. The connected Red Hat entry confirms the issue as a CSRF vulnerability that enables XSS in Related Posts for WordPress. The CVSS 3.1 vector fr...

WordPress WP Show Posts plugin <= 1.1.5 - Improper Authorization to Information Exposure vulnerability

Improper Authorization to Information Exposure vulnerability discovered by Lucio Sá in WordPress Plugin WP Show Posts versions = 1.1.5...

WordPress WP Show Posts Plugin <= 1.1.5 is vulnerable to Sensitive Data Exposure

Software WP Show Posts Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.1.6 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-6731 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0bc24cb2903a Credits Lucio Sá Required privilege...

PT-2024-24669 · WordPress · Microkid Related Posts

Name of the Vulnerable Software and Affected Versions: Microkid Related Posts for WordPress versions n/a through 4.0.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Cross-Site Scripting XSS in Microkid Related Posts for WordPress. Recommendations: For...

WP Show Posts < 1.1.6 - Improper Authorization to Information Exposure

Description The WP Show Posts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with subscriber access and above, to view...

WP Meta SEO < 4.5.13 - Unauthenticated Password Protected Content Access

Description The plugin is vulnerable to Sensitive Information Exposure via the meta description, allowing unauthenticated attackers to disclose potentially sensitive information via the meta description of password-protected posts...

CVE-2024-31497

creationtimestamp| type| source ---|---|--- 2024-04-16 08:46:23+00:00| seen| https://t.me/habrcomnews/26965 2024-04-16 14:06:21+00:00| seen| https://t.me/KomunitiSiber/1793 2024-04-16 14:12:39+00:00| seen| https://t.me/RedTeamFeed/267 2024-04-16 14:49:01+00:00| seen|...

WordPress Related Posts for WordPress plugin <= 4.0.3 - CSRF to XSS vulnerability

CSRF to XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Related Posts for WordPress versions = 4.0.3...

WordPress Meta Box plugin < 5.9.4 - Contributor+ Arbitrary Posts Custom Field Disclosure vulnerability

Contributor+ Arbitrary Posts Custom Field Disclosure vulnerability discovered by Scott Kingsley Clark in WordPress Plugin Meta Box – WordPress Custom Fields Framework versions 5.9.4...

WordPress Combo Blocks plugin < 2.2.76 - Unauthenticated Password Protected Posts Access vulnerability

Unauthenticated Password Protected Posts Access vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin Post Grid and Gutenberg Blocks versions 2.2.76...

CVE-2024-31426

Cross-Site Request Forgery CSRF vulnerability in Data443 Inline Related Posts.This issue affects Inline Related Posts: from n/a through 3.3.1...