11 matches found
CVE-2026-42411
Unauthenticated Broken Authentication in CloudSecure WP Security = 1.4.7 versions...
WordPress CloudSecure WP Security plugin <= 1.4.7 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by 0xzenko in WordPress Plugin CloudSecure WP Security versions = 1.4.7...
CVE-2026-2599
CVE-2026-2599 : The WordPress plugin cluster “Database for Contact Form 7, WPforms, Elementor forms” is affected by an unauthenticated PHP Object Injection via deserialization in the download_csv function (vulnerable through 1.4.7). The vulnerability alone has no impact unless a PHP Object Payloa...
WordPress VW Pet Shop theme <= 1.4.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Theme VW Pet Shop versions = 1.4.7...
WordPress AI Copilot plugin <= 1.5.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin AI Copilot versions = 1.5.0...
CVE-2025-13089
The WP Directory Kit plugin for WordPress is vulnerable to SQL Injection via the 'hidefields' and the 'attrsearch' parameter in all versions up to, and including, 1.4.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
CVE-2025-64271
Cross-Site Request Forgery CSRF vulnerability in HasThemes WP Plugin Manager wp-plugin-manager allows Cross Site Request Forgery.This issue affects WP Plugin Manager: from n/a through = 1.4.7...
CVE-2025-64271
CVE-2025-64271 describes a Cross-Site Request Forgery (CSRF) vulnerability in HasThemes WP Plugin Manager (wp-plugin-manager) affecting version range up to and including 1.4.7. The issue arises from insufficient validation of requests from trusted users, enabling authenticated actions to be spoof...
CVE-2025-0667
The CVE-2025-0667 issue is a Stored XSS in BOINC Server caused by improper neutralization of input during web page generation. Affected are BOINC Server releases up to and including 1.4.7; the vulnerability stems from the pm.php path and can enable stored XSS without user interaction beyond visit...
BOINC Server 安全漏洞
BOINC Server is an open source distributed computing platform server from the US-based BOINC organization for creating and managing volunteer computing projects. A security vulnerability exists in BOINC Server version 1.4.7 and earlier, which stems from improper input neutralization during web pa...
CVE-2024-43327
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Boone Gorges Invite Anyone allows Reflected XSS.This issue affects Invite Anyone: from n/a through 1.4.7...