5 matches found
PT-2025-43793
Missing Authorization vulnerability in adivaha® Flights & Hotels Booking WP Plugin adiaha-hotel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flights & Hotels Booking WP Plugin: from n/a through = 3.1...
CVE-2025-10303
The Library Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the owt7librarymanagementajaxhandler function in all versions up to, and including, 3.1. This makes it possible for authenticated attackers, with...
CVE-2025-30627
CVE-2025-30627 describes a Stored XSS in Elegant Visitor Counter (WordPress plugin) due to improper input neutralization during web page generation. Affected software: Elegant Visitor Counter up to version 3.1. Root cause: inadequate sanitization of input leading to script injection in pages gene...
WordPress ZipList Recipe plugin <= 3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin ZipList Recipe versions = 3.1...
WordPress Ziggeo plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Ziggeo versions = 3.1...