WordPress Super Page Cache plugin <= 5.2.2 - Unauthenticated Stored Cross-Site Scripting via Activity Log vulnerability

Unauthenticated Stored Cross-Site Scripting via Activity Log vulnerability discovered by shark3y in WordPress Plugin Super Page Cache for Cloudflare versions = 5.2.2...

CVE-2026-1843

The Super Page Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Activity Log in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

CVE-2026-1843 Super Page Cache <= 5.2.2 - Unauthenticated Stored Cross-Site Scripting via Activity Log

The Super Page Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Activity Log in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

CVE-2026-1843

The CVE-2026-1843 is for the WordPress plugin “Super Page Cache.” All versions up to and including 5.2.2 are vulnerable to Stored Cross-Site Scripting via the Activity Log due to insufficient input sanitization and output escaping. This allows unauthenticated attackers to inject arbitrary scripts...

PT-2026-8100

The Super Page Cache plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Activity Log in all versions up to, and including, 5.2.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

WordPress plugin Super Page Cache 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

EUVD-2024-25142

Malicious code in bioql PyPI...

CVE-2024-27968

Cross-Site Request Forgery CSRF vulnerability in Optimole Super Page Cache for Cloudflare allows Stored XSS.This issue affects Super Page Cache for Cloudflare: from n/a through 4.7.5...

CVE-2024-27968

Cross-Site Request Forgery CSRF vulnerability in Optimole Super Page Cache for Cloudflare allows Stored XSS.This issue affects Super Page Cache for Cloudflare: from n/a through 4.7.5...

CVE-2024-27968

CVE-2024-27968 is a Cross‑Site Request Forgery (CSRF) vulnerability in the WordPress plugin “Super Page Cache for Cloudflare,” which allows Stored XSS. Public details show affected software: Super Page Cache for Cloudflare, versions from n/a up to and including 4.7.5. The vulnerability is mitigat...

CVE-2024-27968 WordPress Super Page Cache for Cloudflare plugin <= 4.7.5 - Cross Site Request Forgery (CSRF) to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Optimole Super Page Cache for Cloudflare allows Stored XSS.This issue affects Super Page Cache for Cloudflare: from n/a through 4.7.5...

CVE-2024-27968 WordPress Super Page Cache for Cloudflare plugin <= 4.7.5 - Cross Site Request Forgery (CSRF) to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Optimole Super Page Cache for Cloudflare allows Stored XSS.This issue affects Super Page Cache for Cloudflare: from n/a through 4.7.5...

WordPress Plugin Super Page Cache for Cloudflare 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

Super Page Cache for Cloudflare < 4.7.6 - Cross-Site Request Forgery

Description The Super Page Cache for Cloudflare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.7.5. This is due to missing or incorrect nonce validation on the adminmenupageindex function. This makes it possible for unauthenticated attackers t...