28 matches found
CVE-2026-52705
CVE-2026-52705 affects the WordPress plugin SigmaForms Pro – AI Generated Forms (versions
CVE-2026-52699
Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...
CVE-2026-52699 WordPress VikRentCar plugin <= 1.4.5 - Insecure Direct Object References (IDOR) vulnerability
Unauthenticated Insecure Direct Object References IDOR in VikRentCar = 1.4.5 versions...
CVE-2026-39501
Missing Authorization vulnerability in RealMag777 FOX woocommerce-currency-switcher allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FOX: from n/a through = 1.4.5...
CVE-2026-32531 WordPress Kunco theme < 1.4.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Kunco kunco allows PHP Local File Inclusion.This issue affects Kunco: from n/a through 1.4.5...
WordPress FOX plugin <= 1.4.5 - SQL Injection vulnerability
SQL Injection vulnerability discovered by timomangcut in WordPress Plugin FOX versions = 1.4.5...
CVE-2026-25326
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in cmsmasters CMSMasters Content Composer cmsmasters-content-composer allows PHP Local File Inclusion.This issue affects CMSMasters Content Composer: from n/a through = 1.4.5...
CVE-2025-68881
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saad Iqbal AppExperts appexperts allows SQL Injection.This issue affects AppExperts: from n/a through = 1.4.5...
EUVD-2025-36612
Missing Authorization vulnerability in Evergreen Content Poster Evergreen Content Poster evergreen-content-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Evergreen Content Poster: from n/a through = 1.4.5...
CVE-2025-64234 WordPress Evergreen Content Poster plugin <= 1.4.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Evergreen Content Poster Evergreen Content Poster evergreen-content-poster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Evergreen Content Poster: from n/a through = 1.4.5...
CVE-2025-62971 WordPress Attesa Extra plugin <= 1.4.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CrestaProject Attesa Extra attesa-extra allows Stored XSS.This issue affects Attesa Extra: from n/a through = 1.4.7...
CVE-2025-53218 WordPress AppExperts plugin <= 1.4.5 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts allows Retrieve Embedded Sensitive Data.This issue affects AppExperts: from n/a through = 1.4.5...
CVE-2025-49373
CVE-2025-49373 concerns the WordPress plugin Evergreen Content Poster (versions up to and including 1.4.5). The vulnerability is a Cross-Site Request Forgery (CSRF) flaw that can allow an attacker to induce actions on behalf of authenticated users. Root cause details in the connected sources cons...
WordPress plugin Evergreen Content Poster 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
CVE-2025-58821
CVE-2025-58821 applies to the WordPress plugin WP Notification Bell. The vulnerability is stored XSS caused by improper input neutralization during web page generation, affecting WP Notification Bell versions up to 1.4.5 (per CVE entry); Patchstack and related sources indicate a fix may be availa...
WordPress Zikzag Core plugin <= 1.4.5 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Bonds in WordPress Plugin Zikzag Core versions = 1.4.5...
CVE-2025-31025
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Blocksera Image Hover Effects Block image-hover-effects-block allows Stored XSS.This issue affects Image Hover Effects Block: from n/a through = 1.4.5...
CVE-2024-35721
Missing Authorization vulnerability in A WP Life Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery.This issue affects Image Gallery – Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery: from n/a through 1.4.5...
CVE-2025-32921 WordPress Arrival theme <= 1.4.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpoperations Arrival arrival allows PHP Local File Inclusion.This issue affects Arrival: from n/a through = 1.4.5...
WordPress Evergreen Content Poster plugin <= 1.4.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by LVT-tholv2k in WordPress Plugin Evergreen Content Poster versions = 1.4.5...