CVE-2025-1322 WP-Recall – Registration, Profile, Commerce & More <= 16.26.10 - Authenticated (Contributor+) Protected Post Disclosure

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 16.26.10 via the 'feed' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated...

WordPress WP-Recall plugin <= 16.26.10 - Authenticated (Contributor+) Protected Post Disclosure vulnerability

Authenticated Contributor+ Protected Post Disclosure vulnerability discovered by Krzysztof Zając in WordPress Plugin WP-Recall versions = 16.26.10...

CVE-2024-12335 Avada Builder <= 3.11.12 - Authenticated (Contributor+) Protected Post Disclosure

The Avada Fusion Builder plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.11.12 via the handleclonepost function and the 'fusionblog' shortcode and due to insufficient restrictions on which posts can be included. This makes it possible for...

WordPress Avada Builder plugin <= 3.11.12 - Authenticated (Contributor+) Protected Post Disclosure vulnerability

Authenticated Contributor+ Protected Post Disclosure vulnerability discovered by Webbernaut in WordPress Plugin Fusion Builder versions = 3.11.12...