13 matches found
CVE-2026-39617 WordPress Bluestreet theme <= 1.7.3 - Cross Site Request Forgery (CSRF) to Arbitrary Plugin Installation vulnerability
Cross-Site Request Forgery CSRF vulnerability in priyanshumittal Bluestreet bluestreet allows Cross Site Request Forgery.This issue affects Bluestreet: from n/a through = 1.7.3...
CVE-2025-53222
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Opt-In Builder td-subscription allows Reflected XSS.This issue affects tagDiv Opt-In Builder: from n/a through = 1.7.3...
CVE-2025-53222
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tagDiv tagDiv Opt-In Builder allows Reflected XSS.This issue affects tagDiv Opt-In Builder: from n/a through 1.7.3...
CVE-2026-24625
Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through = 1.7.3...
CVE-2026-24625 WordPress File Uploads Addon for WooCommerce plugin <= 1.7.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Imaginate Solutions File Uploads Addon for WooCommerce woo-addon-uploads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects File Uploads Addon for WooCommerce: from n/a through = 1.7.3...
CVE-2025-69033
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in A WP Life Blog Filter blog-filter allows DOM-Based XSS.This issue affects Blog Filter: from n/a through = 1.7.3...
WordPress WP Twitter Auto Publish plugin <= 1.7.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nicolai Hellesnes nico in WordPress Plugin WP Twitter Auto Publish versions = 1.7.4...
CVE-2025-47459
Cross-Site Request Forgery CSRF vulnerability in Roxnor FundEngine wp-fundraising-donation allows Cross Site Request Forgery.This issue affects FundEngine: from n/a through = 1.7.3...
CVE-2024-54331
Cross-Site Request Forgery CSRF vulnerability in Micha I Plant A Tree i-plant-a-tree allows Stored XSS.This issue affects I Plant A Tree: from n/a through = 1.7.3...
WordPress Uix Page Builder Plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Uix Page Builder versions = 1.7.3...
CVE-2024-54331
Cross-Site Request Forgery CSRF vulnerability in Micha I Plant A Tree i-plant-a-tree allows Stored XSS.This issue affects I Plant A Tree: from n/a through = 1.7.3...
CVE-2024-50523
Unrestricted Upload of File with Dangerous Type vulnerability in RainbowLink Inc. All Post Contact Form allows Upload a Web Shell to a Web Server.This issue affects All Post Contact Form: from n/a through 1.7.3...
WordPress WP Social Comments plugin <= 1.7.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Friday Patchstack Alliance in WordPress Plugin WP Social Comments versions = 1.7.3...