6 matches found
CVE-2025-53246 WordPress Backup and Move Plugin <= 0.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Gaurav Aggarwal Backup and Move backup-and-move allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Backup and Move: from n/a through = 0.1...
CVE-2025-10132 Dhivehi Text <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Dhivehi Text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dhivehi' shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
WordPress Signature plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin WordPress Signature versions = 0.1...
WordPress Meetup plugin <= 0.1 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Meetup versions = 0.1...
WordPress Woo Inquiry plugin <= 0.1 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by theviper17y in WordPress Plugin Woo Inquiry versions = 0.1...
CVE-2022-46864
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Umair Saleem Woocommerce Custom Checkout Fields Editor With Drag & Drop plugin = 0.1 versions...