WordPress Nouri.sh Newsletter plugin <= 1.0.1.3 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Nouri.sh Newsletter versions = 1.0.1.3...

CVE-2025-13515 Nouri.sh Newsletter <= 1.0.1.3 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF']

The Nouri.sh Newsletter plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' parameter in all versions up to, and including, 1.0.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

PT-2025-49229

The Nouri.sh Newsletter plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $ SERVER'PHP SELF' parameter in all versions up to, and including, 1.0.1.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...

WordPress plugin Error Log Viewer By WP Guru 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...

PT-2025-1964 · Wp Guru · Error Log Viewer By Wp Guru

Name of the Vulnerable Software and Affected Versions: Error Log Viewer By WP Guru plugin for WordPress versions up to, and including, 1.0.1.3 Description: The issue allows unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information, vi...

WordPress Error Log Viewer plugin <= 1.0.1.3 - Missing Authorization to Unauthenticated Arbitrary File Read vulnerability

Missing Authorization to Unauthenticated Arbitrary File Read vulnerability discovered by yudha in WordPress Plugin Error Log Viewer versions = 1.0.1.3...

WordPress Error Log Viewer by WP Guru 1.0.1.3 Arbitrary File Read Vulnerability

CVE-2024-12849 Error Log Viewer By WP Guru = 1.0.1.3 - Missing Authorization to Unauthenticated Arbitrary File Read Description The Error Log Viewer By WP Guru plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 1.0.1.3 via the...