CVE-2024-37945 WordPress WPBITS Addons For Elementor plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through = 1.5...

CVE-2025-8285

Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to create channel subscription without proper access to the channel via API call to the create channel subscription endpoint...

WordPress plugin Pastebin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2023-45063

Cross-Site Request Forgery CSRF vulnerability in ReCorp AI Content Writing Assistant Content Writer, GPT 3 & 4, ChatGPT, Image Generator All in One plugin = 1.1.5 versions...

Kreado Kreasfero SQL注入漏洞

Kreado Kreasfero is an open source CMS from the German company Kreado. A security vulnerability exists in Kreado Kreasfero version 1.5, which is caused by a SQL injection vulnerability in the id parameter...

Command Execution Vulnerability in PHPSHE B2C Mall System v1.5

PHPSHE online shopping mall system provides users with a low-cost, high-efficiency online shopping mall construction program. A command execution vulnerability exists in PHPSHE B2C Mall System v1.5. Attackers can use this vulnerability to execute commands, such as arbitrarily deleting files,...