62 matches found
WordPress plugin Include URL 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2025-23688
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in editionskezzal Cobwebo URL Plugin cobwebo-url allows Reflected XSS.This issue affects Cobwebo URL Plugin: from n/a through = 1.0...
CVE-2025-23688
CVE-2025-23688 affects WordPress/Cobwebo URL Plugin (plugin
CVE-2025-23688 WordPress Cobwebo URL Plugin plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in editionskezzal Cobwebo URL Plugin cobwebo-url allows Reflected XSS.This issue affects Cobwebo URL Plugin: from n/a through = 1.0...
CVE-2025-23688 WordPress Cobwebo URL Plugin plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Cobwebo URL Plugin allows Reflected XSS. This issue affects Cobwebo URL Plugin: from n/a through 1.0...
WordPress plugin Cobwebo URL Plugin 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
CVE-2025-22564 WordPress Pretty Url Plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in faaiq Pretty Url pretty-url allows Reflected XSS.This issue affects Pretty Url: from n/a through = 1.5.4...
CVE-2025-22564 WordPress Pretty Url Plugin <= 1.5.4 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in faaiq Pretty Url pretty-url allows Reflected XSS.This issue affects Pretty Url: from n/a through = 1.5.4...
WordPress Cobwebo URL Plugin plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Cobwebo URL Plugin versions = 1.0...
WordPress plugin Short URL 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Fence URL plugin <= 2.0.0 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Fence URL versions = 2.0.0...
WordPress Fence URL Plugin <= 2.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Fence URL Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-53733 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 30a5e37e5481 Credits SOPROBRO Required privilege...
CVE-2023-1604 Short URL <= 1.6.8 - Cross-Site Request Forgery via configuration_page
The Short URL plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.8. This is due to missing or incorrect nonce validation on the configurationpage function. This makes it possible for unauthenticated attackers to add and import redirects, includi...
WordPress Featured Image from URL Plugin <= 4.8.2 is vulnerable to Broken Access Control
Software Featured Image from URL Type Plugin Vulnerable versions = 4.8.2 Fixed in 4.8.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37516 Patch priority Low CVSS severity Low 6.3 Developer Claim ownership PSID 819896bb0ba3 Credits Rafie Muhammad...
WordPress Featured Image from URL Plugin <= 4.8.1 is vulnerable to Broken Access Control
Software Featured Image from URL Type Plugin Vulnerable versions = 4.8.1 Fixed in 4.8.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37276 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID cc8f54a6d149 Credits Rafie Muhammad...
WordPress LH Add Media From Url Plugin <= 1.22 is vulnerable to Cross Site Scripting (XSS)
Software LH Add Media From Url Type Plugin Vulnerable versions = 1.22 Fixed in 1.23 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32533 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 41466ce52d41 Credits Majed Refaea Required...
WordPress Short URL plugin <= 1.6.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Short URL versions = 1.6.8...
WordPress Featured Image from URL Plugin <= 4.6.2 is vulnerable to Cross Site Scripting (XSS)
Software Featured Image from URL Type Plugin Vulnerable versions = 4.6.2 Fixed in 4.6.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1496 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f0a73358e107 Credits Nikolas Required...
WordPress Short URL Plugin <= 1.6.8 is vulnerable to Broken Access Control
Software Short URL Type Plugin Vulnerable versions = 1.6.8 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-47225 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 80acb0670d7b Credits Abdi Pranata Required privilege...
CVE-2023-45058
Cross-Site Request Forgery CSRF vulnerability in KaizenCoders Short URL plugin = 1.6.8 versions...