9 matches found
CVE-2026-22458 WordPress Wanderland theme <= 1.5 - Broken Access Control vulnerability
Missing Authorization vulnerability in Mikado-Themes Wanderland wanderland allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wanderland: from n/a through = 1.5...
CVE-2025-68879
CVE-2025-68879 is a Reflected XSS in Content Grid Slider for WordPress. The issue is caused by improper neutralization of input during web page generation, affecting Content Grid Slider versions up to 1.5. Public exploitation status is not detailed in the provided documents. The connected Wordfen...
CVE-2023-22675 WordPress WP Fast Cache plugin <= 1.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Taylor Hawkes WP Fast Cache allows Cross Site Request Forgery.This issue affects WP Fast Cache: from n/a through 1.5...
WordPress WP System Information Plugin <= 1.5 - Sensitive Data Exposure Vulnerability
Sensitive Data Exposure Vulnerability discovered by Nabil Irawan in WordPress Plugin WP System Information versions = 1.5...
CVE-2025-7955
The RingCentral Communications plugin for WordPress is vulnerable to Authentication Bypass due to improper validation within the ringcentraladminlogin2faverify function in versions 1.5 to 1.6.8. This makes it possible for unauthenticated attackers to log in as any user simply by supplying identic...
CVE-2023-30149
SQL injection vulnerability in the City Autocomplete cityautocomplete module from ebewe.net for PrestaShop, prior to version 1.8.12 for PrestaShop version 1.5/1.6 or prior to 2.0.3 for PrestaShop version 1.7, allows remote attackers to execute arbitrary SQL commands via the type, inputname. or q...
PT-2025-2182 · WordPress · Testimonial Slider
Name of the Vulnerable Software and Affected Versions: WE – Testimonial Slider plugin for WordPress versions 1.5 and earlier Description: The issue is related to Stored Cross-Site Scripting via Testimonial Author Names due to insufficient input sanitization and output escaping. This allows...
XenForo Remote Code Execution Vulnerability
XenForo is a community forum software with a fresh interface and a powerful engine. A remote code execution vulnerability exists in XenForo versions between 1.5.x and 1.5.11a, which can be exploited by an attacker to execute arbitrary code by constructing a specific HTTP request...
PT-2013-2197
Name of the Vulnerable Software and Affected Versions Rack versions 1.4.x through 1.4.4 Rack versions 1.5.x through 1.5.1 Description The issue allows attackers to access arbitrary files outside the intended root directory via a crafted PATH INFO environment variable, probably a directory travers...