6256 matches found
WordPress Plugin List category posts Security Breach
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
PT-2024-15167 · WordPress · List Category Posts
Name of the Vulnerable Software and Affected Versions: The List category posts plugin for WordPress versions up to, and including, 0.89.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'catlist' shortcode due to insufficient input sanitization and output escapin...
WordPress List category posts Plugin <= 0.89.3 is vulnerable to Cross Site Scripting (XSS)
Software: List category posts; Type: Plugin; Vulnerable versions: <= 0.89.3; Fixed in: 0.89.4; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-6994; Patch priority: Low; CVSS severity: Low (6.5); PSID: 1c18776c10d9; Credits: Ngô Thiên An ancor...
CVE-2023-52145
Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Republish Old Posts. This issue affects Republish Old Posts: from n/a through 1.21...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Republish Old Posts. This issue affects Republish Old Posts: from n/a through 1.21...
CVE-2023-52145
CVE-2023-52145 corresponds to a CSRF in the WordPress plugin Republish Old Posts (affected
CVE-2023-52145 WordPress Republish Old Posts Plugin <= 1.21 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Marios Alexandrou Republish Old Posts. This issue affects Republish Old Posts: from n/a through 1.21...
PT-2024-14434 · Unknown · Republish Old Posts
Name of the Vulnerable Software and Affected Versions: Republish Old Posts versions n/a through 1.21. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application tha...
WordPress Plugin Republish Old Posts Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
Republish Old Posts < 1.27 - Cross-Site Request Forgery via rop_options_page
Description: The Republish Old Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.21. This is due to missing or incorrect nonce validation on the rop_options_page function. This makes it possible for unauthenticated attackers to modify the...
Relevanssi (Free < 4.22.0, Premium < 2.25.0) - Unauthenticated Private/Draft Post Disclosure
Description: The plugin allows any unauthenticated user to read draft and private posts via a crafted request. PoC: https://example.com/?poststatus=draft https://example.com/?poststatus=private...
WordPress Posts to Page Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)
Software: Posts to Page; Type: Plugin; Vulnerable versions: <= 1.7; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-52195; Patch priority: Low; CVSS severity: Low (6.5); PSID: a1a6b4b34260; Credits: Ngô Thiên An ancorn from VNPT-VCI; Required...
CVE-2023-52133
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WhileTrue Most And Least Read Posts Widget. This issue affects Most And Least Read Posts Widget: from n/a through 2.5.16...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WhileTrue Most And Least Read Posts Widget. This issue affects Most And Least Read Posts Widget: from n/a through 2.5.16...
CVE-2023-52133
CVE-2023-52133 affects the Most And Least Read Posts Widget plugin (WordPress). The vulnerability is an SQL Injection in widget settings that can be exploited by an authenticated user with Contributor+ privileges. Affected range is from n/a through version 2.5.16; the entry notes the issue was pa...
PT-2023-31926 · Unknown · Whiletrue Most/Least Read Posts Widget
Name of the Vulnerable Software and Affected Versions: WhileTrue Most And Least Read Posts Widget versions 2.5.16 and earlier. Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection'. This allows for potential...
WordPress Plugin Most And Least Read Posts Widget SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin Most And Least Read Posts...