EUVD-2023-46352

Malicious code in bioql PyPI...

CVE-2024-0682

The Page Restrict plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 2.5.5. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated attackers t...

CVE-2024-1083

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.6 via the REST API. This makes it possible for authenticated attackers to bypass the plugin's restrictions to extract post titles and content...

CVE-2023-41861

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Restrict plugin = 2.2.4 versions...

PT-2025-18381

Name of the Vulnerable Software and Affected Versions Brainstorm Force SureTriggers versions 1.0.0 through 1.0.82 Description The issue is related to an incorrect privilege assignment vulnerability in Brainstorm Force SureTriggers, allowing privilege escalation. This vulnerability can be exploite...

WordPress plugin Restrict 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

CVE-2024-11106

CVE-2024-11106 affects the Simple Restrict WordPress plugin, exposing sensitive data from restricted posts unauthenticated via WordPress core search in all versions up to 1.2.7. Red Hat and Wordfence entries confirm the vulnerability and its impact; remediation is to upgrade to 1.2.7+ (patched).

CVE-2024-11106 Simple Restrict <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.7 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

CVE-2024-11106 Simple Restrict <= 1.2.7 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure

The Simple Restrict plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.7 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

PT-2024-34720 · Bpmn Io · Bpmn.Io

Name of the Vulnerable Software and Affected Versions: bpmn.Io versions n/a through 1.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS, where an attacker can inject malicious...

PT-2024-39161 · WordPress · Wp Simple Booking Calendar

Name of the Vulnerable Software and Affected Versions: WP Simple Booking Calendar plugin for WordPress versions up to, and including, 2.0.10 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg and remove query arg without appropriate escaping on the...

PT-2024-29421 · WordPress · The Floating Chat Widget

Name of the Vulnerable Software and Affected Versions: The Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button WordPress plugin versions prior to 3.2.3 Description: The issue allows high privilege users, such as admins, to perform...

CVE-2024-0910

The Restrict for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.6 due to improper restrictions on hidden data that make it accessible through the REST API. This makes it possible for unauthenticated attackers to extract...

CVE-2024-1083

CVE-2024-1083 refers to the WordPress plugin Simple Restrict (affected versions:

CVE-2024-24702 WordPress Page Restrict Plugin <= 2.5.5 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Matt Martz & Andy Stratton Page Restrict.This issue affects Page Restrict: from n/a through 2.5.5...

CVE-2024-0682

The Page Restrict plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 2.5.5. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated attackers t...

CVE-2024-0682

The Page Restrict plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 2.5.5. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated attackers t...

CVE-2024-0682 Page Restrict <= 2.5.5 - Protection Mechanism Bypass

The Page Restrict plugin for WordPress is vulnerable to information disclosure in all versions up to, and including, 2.5.5. This is due to the plugin not properly restricting access to posts via the REST API when a page has been made private. This makes it possible for unauthenticated attackers t...

PT-2024-14189 · WordPress · Crm Perks Forms – Wordpress Form Builder

Name of the Vulnerable Software and Affected Versions: CRM Perks Forms – WordPress Form Builder versions 1.1.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that...

PT-2023-29880 · WordPress · Realmag777 Wolf – Wordpress Posts Bulk Editor/Manager Professional

Name of the Vulnerable Software and Affected Versions: realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin versions 1.0.7.1 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to...