EUVD-2026-13049

Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2...

CVE-2026-28073

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tips and Tricks HQ WP eMember allows Reflected XSS.This issue affects WP eMember: from n/a through v10.2.2...

CVE-2023-22691

CVE-2023-22691 affects the WordPress plugin Category Specific RSS feed Subscription (Tips and Tricks HQ) <= v2.1. A CSRF vulnerability exists in settings/credential-related actions due to missing CSRF checks, enabling unauthenticated attackers to induce actions on behalf of admins. Patch sourc...

WordPress Plugin "Category Specific RSS feed Subscription" vulnerable to cross-site request forgery

Overview WordPress Plugin "Category Specific RSS feed Subscription" provided by Tips and Tricks HQ contains a cross-site request forgery vulnerability CWE-352. Gota Abe of Cryptography Laboratory,Department of Information and Communication Engineering,Tokyo Denki University directly reported this...