CVE-2025-62043

CVE-2025-62043: WPCasa WordPress plugin is affected up to version 1.4.1 by a DOM-based XSS due to improper neutralization of input during web page generation. The vulnerability affects WPCasa (and related WPSight/WPCasa references) with a CVSS v3.1 base score of 6.5 (Medium) and requires user int...

WordPress WPCasa plugin <= 1.4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin WPCasa versions = 1.4.1...

EUVD-2025-30829

Malicious code in bioql PyPI...

CVE-2025-9321 WPCasa <= 1.4.1 - Unauthenticated Code Injection

The WPCasa plugin for WordPress is vulnerable to Code Injection in all versions up to, and including, 1.4.1. This is due to insufficient input validation and restriction on the 'apirequests' function. This makes it possible for unauthenticated attackers to call arbitrary functions and execute cod...

CVE-2025-9321 WPCasa <= 1.4.1 - Unauthenticated Code Injection

The WPCasa plugin for WordPress is vulnerable to Code Injection in all versions up to, and including, 1.4.1. This is due to insufficient input validation and restriction on the 'apirequests' function. This makes it possible for unauthenticated attackers to call arbitrary functions and execute cod...

CVE-2025-9321

CVE-2025-9321 (WPCasa for WordPress) The WPCasa plugin (WordPress) up to version 1.4.1 is affected by unauthenticated Code Injection due to insufficient input validation in the api_requests function, enabling attackers to call arbitrary functions and execute code. The issue is rated CRITICAL (CVS...

WordPress WPCasa plugin <= 1.4.1 - Unauthenticated Code Injection vulnerability

Unauthenticated Code Injection vulnerability discovered by mikemyers in WordPress Plugin WPCasa versions = 1.4.1...

WordPress WPCasa plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin WPCasa versions = 1.3.2...

WordPress plugin WPCasa 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...

CVE-2024-53826 WordPress WPCasa plugin <= 1.2.13 - Insecure Direct Object References (IDOR) vulnerability

Missing Authorization vulnerability in WPSight WPCasa allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPCasa: from n/a through 1.2.13...