571 matches found
CVE-2019-18668
An issue was discovered in the Currency Switcher addon before 2.11.2 for WooCommerce if a user provides a currency that was not added by the administrator. In this case, even though the currency does not exist, it will be selected, but a price amount will fall back to the default currency. This...
CVE-2023-49834
Cross-Site Request Forgery CSRF vulnerability in realmag777 FOX – Currency Switcher Professional for WooCommerce.This issue affects FOX – Currency Switcher Professional for WooCommerce: from n/a through 1.4.1.4...
CVE-2025-23939
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in KHAN-IT Image Switcher image-switcher allows Stored XSS.This issue affects Image Switcher: from n/a through = 1.1...
CVE-2025-23619
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Catch Themes Catch Duplicate Switcher catch-duplicate-switcher allows Reflected XSS.This issue affects Catch Duplicate Switcher: from n/a through = 2.0...
CVE-2025-12524
The Post Type Switcher plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.0.0 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to modify the post type...
CVE-2025-12524
The Post Type Switcher plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.0.0 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to modify the post type...
CVE-2025-12524
CVE-2025-12524 refers to the WordPress plugin Post Type Switcher (versions up to and including 4.0.0). The issue is an Insecure Direct Object Reference due to missing validation on a user-controlled key, allowing authenticated attackers with Author-level access or higher to modify the post type o...
CVE-2025-12524 Post Type Switcher <= 4.0.0 - Insecure Direct Object Reference to Authenticated (Author+) Post Type Change
The Post Type Switcher plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.0.0 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to modify the post type...
EUVD-2025-197957
The Post Type Switcher plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.0.0 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to modify the post type...
CVE-2025-12524 Post Type Switcher <= 4.0.0 - Insecure Direct Object Reference to Authenticated (Author+) Post Type Change
The Post Type Switcher plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.0.0 due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with Author-level access and above, to modify the post type...
WordPress plugin Post Type Switcher 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-47243
Name of the Vulnerable Software and Affected Versions Post Type Switcher plugin for WordPress versions up to and including 4.0.0 Description The software contains an Insecure Direct Object Reference issue because of missing validation on a user-controlled key. Authenticated attackers with...
WordPress Post Type Switcher plugin <= 4.0.0 - Insecure Direct Object Reference to Authenticated (Author+) Post Type Change vulnerability
Insecure Direct Object Reference to Authenticated Author+ Post Type Change vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Post Type Switcher versions = 4.0.0...
EUVD-2025-34196
When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability affects Firefox 144...
CVE-2025-11717
When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being used. Prior to Firefox 144 the password edit screen was visible. This vulnerability affects Firefox 144...
EUVD-2025-33613
Malicious code in cbt-gs-switcher-library npm...
MAL-2025-48274 Malicious code in cbt-gs-switcher-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 51e281e2aff0b1c284640210a317cb5796b2cfb60eccbb61d04d4cfe8941d3b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in cbt-gs-switcher-library (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 51e281e2aff0b1c284640210a317cb5796b2cfb60eccbb61d04d4cfe8941d3b2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2018-4664
Malware in sbrugna...
EUVD-2014-9543
Malware in sbrugna...