55 matches found

Vulnrichment
added 2025/02/26 6:0 a.m. | 8 views

CVE-2024-13571 Post Timeline < 2.3.10 - Reflected XSS

The Post Timeline WordPress plugin before 2.3.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.5 AI score | 0.0008 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2025/02/05 8:34 a.m. | 4 views

CVE-2024-47323

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines. This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7...

8.1 CVSS | 5.9 AI score | 0.02559 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 8:22 a.m. | 3 views

CVE-2024-47322

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines allows Reflected XSS. This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7...

7.1 CVSS | 5.9 AI score | 0.00193 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 8:19 a.m. | 3 views

CVE-2024-47324

Path Traversal: '.../...//' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines. This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7...

7.5 CVSS | 5.9 AI score | 0.00871 EPSS
Exploits: 0 | References: 1

CVE
added 2025/02/03 2:22 p.m. | 53 views

CVE-2025-23747

CVE-2025-23747 is a stored cross-site scripting vulnerability in the WordPress plugin Awesome Timeline (versions up to 1.0.1). The issue stems from improper neutralization of input during web page generation, enabling stored XSS. The vulnerability affects the plugin as deployed on WordPress site...

6.5 CVSS | 7.2 AI score | 0.00048 EPSS
Exploits: 0 | References: 1

Patchstack
added 2025/01/16 6:42 p.m. | 1 views

WordPress Awesome Timeline plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO in WordPress Plugin Awesome Timeline versions <= 1.0.1...

6.5 CVSS | 6.1 AI score | 0.00048 EPSS
Exploits: 0 | Affected Software: 1

CVE
added 2024/10/06 11:17 a.m. | 50 views

CVE-2024-47322

CVE-2024-47322 applies to WordPress WP Timeline – Vertical and Horizontal timeline plugin (

7.1 CVSS | 5.9 AI score | 0.00193 EPSS
Exploits: 0 | References: 1

CNNVD
added 2024/10/06 12:0 a.m. | 3 views

WordPress plugin WP Timeline cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripti...

7.1 CVSS | 6.2 AI score | 0.00193 EPSS
Exploits: 0 | References: 2

Vulnrichment
added 2024/10/05 12:33 p.m. | 12 views

CVE-2024-47324 WordPress WP Timeline plugin <= 3.6.7 - Local File Inclusion vulnerability

Path Traversal: '.../...//' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines. This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7...

7.5 CVSS | 5.2 AI score | 0.00871 EPSS
Exploits: 0 | References: 1

Cvelist
added 2024/10/05 12:33 p.m. | 17 views

CVE-2024-47324 WordPress WP Timeline plugin <= 3.6.7 - Local File Inclusion vulnerability

Path Traversal: '.../...//' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines. This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7...

7.5 CVSS | 0.00871 EPSS
Exploits: 0 | References: 1

Cvelist
added 2024/10/05 12:31 p.m. | 18 views

CVE-2024-47323 WordPress WP Timeline plugin <= 3.6.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines. This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7...

8.1 CVSS | 0.02559 EPSS
Exploits: 0 | References: 1

Patchstack
added 2024/09/25 11:17 a.m. | 2 views

WordPress WP Timeline plugin <= 3.6.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin WP Timeline – Vertical and Horizontal timeline plugin versions <= 3.6.7...

7.5 CVSS | 7 AI score | 0.00871 EPSS
Exploits: 0 | Affected Software: 1

Patchstack
added 2024/09/25 11:15 a.m. | 2 views

WordPress WP Timeline plugin <= 3.6.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin WP Timeline – Vertical and Horizontal timeline plugin versions <= 3.6.7...

8.1 CVSS | 7 AI score | 0.02559 EPSS
Exploits: 0 | Affected Software: 1

Patchstack
added 2024/09/25 11:13 a.m. | 2 views

WordPress WP Timeline plugin <= 3.6.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting (XSS) vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin WP Timeline – Vertical and Horizontal timeline plugin versions <= 3.6.7...

7.1 CVSS | 6.1 AI score | 0.00193 EPSS
Exploits: 0 | Affected Software: 1

WPVulnDB
added 2024/04/25 12:0 a.m. | 14 views

Knight Lab Timeline <= 3.9.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Description: The Knight Lab Timeline plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.9.3.4 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers, with...

6.5 CVSS | 7.8 AI score | 0.00178 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2023/09/04 11:26 a.m. | 6 views

CVE-2023-4284 Post Timeline < 2.2.6 - Reflected XSS

The Post Timeline WordPress plugin before 2.2.6 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

6.3 AI score | 0.13531 EPSS
Exploits: 1 | References: 1

Patchstack
added 2023/08/11 12:0 a.m. | 7 views

WordPress Post Timeline Plugin <= 2.2.5 is vulnerable to Cross Site Scripting (XSS)

Software: Post Timeline | Type: Plugin | Vulnerable versions: <= 2.2.5 | Fixed in: 2.2.6 | OWASP Top 10: A7: Cross-Site Scripting (XSS) | Classification: Cross Site Scripting (XSS) | CVE: CVE-2023-4284 | Patch priority: Medium | CVSS severity: Medium (7.1) | Developer: Claim ownership | PSID: 86a5f3c466ca | Credits: tnt24 | Required...

6.1 CVSS | 5.6 AI score | 0.13531 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Vulnrichment
added 2023/07/01 3:30 a.m. | 7 views

CVE-2020-36738 Cool Timeline (Horizontal & Vertical Timeline) <= 2.0.2 - Cross-Site Request Forgery Bypass

The Cool Timeline Horizontal & Vertical Timeline plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.0.2. This is due to missing or incorrect nonce validation on the ctlsave function. This makes it possible for unauthenticated attackers to save fie...

4.3 CVSS | 5.8 AI score | 0.00147 EPSS
Exploits: 1 | References: 9

CNNVD
added 2023/07/01 12:0 a.m. | 1 views

WordPress Plugin Cool Timeline cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3 CVSS | 5 AI score | 0.00147 EPSS
Exploits: 1 | References: 10

OSV
added 2022/09/23 3:15 p.m. | 1 views

CVE-2022-37328

Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in Themes Awesome History Timeline plugin = 1.0.5 at WordPress...

5.4 CVSS | 5.8 AI score
Exploits: 0 | References: 2