CVE-2023-4036

The Simple Blog Card WordPress plugin before 1.32 does not ensure that posts to be displayed via a shortcode are public, allowing any authenticated users, such as subscriber, to retrieve arbitrary post title and their content such as draft, private and password protected ones...

WordPress plugin Simple Blog Card 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

CVE-2023-32510

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rolf van Gelder Order Your Posts Manually plugin = 2.2.5 versions...

CVE-2023-32510 WordPress Order Your Posts Manually Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rolf van Gelder Order Your Posts Manually plugin = 2.2.5 versions...

CVE-2023-32510 WordPress Order Your Posts Manually Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rolf van Gelder Order Your Posts Manually plugin = 2.2.5 versions...

CVE-2023-32510

CVE-2023-32510 is an unauthenticated Reflected XSS in the WordPress plugin Order Your Posts Manually (versions

WordPress plugin Order Your Posts Manually 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2023-32509

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rolf van Gelder Order Your Posts Manually plugin = 2.2.5 versions...

CVE-2023-32509

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rolf van Gelder Order Your Posts Manually plugin = 2.2.5 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Rolf van Gelder Order Your Posts Manually plugin = 2.2.5 versions...

CVE-2023-32509

CVE-2023-32509: Unauthenticated reflected XSS in WordPress plugin Order Your Posts Manually (

WordPress plugin Order Your Posts Manually 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVE-2023-31218

Cross-Site Request Forgery CSRF leading to Stored Cross-Site Scripting XSS vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin = 1.0.6 versions...

WordPress Schedule Posts Calendar Plugin <= 5.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Schedule Posts Calendar Type Plugin Vulnerable versions = 5.2 Fixed in 5.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-40556 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a1a078a12ea5 Credits Nguyen Xuan Chi...

WordPress Schedule Posts Calendar Plugin <= 5.2 is vulnerable to Cross Site Scripting (XSS)

Software Schedule Posts Calendar Type Plugin Vulnerable versions = 5.2 Fixed in 5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40560 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c1fc3aefabc0 Credits Rio Darmawan Requir...

CVE-2023-4308

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

Cross site scripting

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

CVE-2023-4308 User Submitted Posts <= 20230809 - Unauthenticated Stored Cross-Site Scripting via 'user-submitted-content'

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

CVE-2023-4308 User Submitted Posts <= 20230809 - Unauthenticated Stored Cross-Site Scripting via 'user-submitted-content'

The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user-submitted-content’ parameter in versions up to, and including, 20230809 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...

WordPress Plugin User Submitted Posts Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...