14 matches found
CVE-2025-67961
Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...
CVE-2025-67961
Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...
CVE-2025-67961
CVE-2025-67961 : SSRF in the WordPress WPO365 plugin’s wpo365-login component (affecting WPO365 v1.x through = 40.0) or apply vendor-provided patch; refer to Patchstack/RedHat/CVE records for the exact patched version. If patch not yet applied in environments, monitor for updates and apply once a...
CVE-2025-67961 WordPress WPO365 plugin <= 40.0 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...
CVE-2025-67961 WordPress WPO365 plugin <= 40.0 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...
CVE-2025-67961
Server-Side Request Forgery SSRF vulnerability in Marco van Wieren WPO365 wpo365-login allows Server Side Request Forgery.This issue affects WPO365: from n/a through = 40.0...
PT-2026-4041
Name of the Vulnerable Software and Affected Versions Marco van Wieren WPO365 versions n/a through 40.0 Description A Server-Side Request Forgery SSRF vulnerability exists in the wpo365-login component of Marco van Wieren WPO365. This flaw allows for Server Side Request Forgery. Recommendations...
CVE-2021-43409
The “WPO365 | LOGIN” WordPress plugin up to and including version 15.3 by wpo365.com is vulnerable to a persistent Cross-Site Scripting XSS vulnerability also known as Stored or Second-Order XSS. Persistent XSS vulnerabilities occur when the application stores and retrieves client supplied data...
WordPress 跨站脚本漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin WPO365 | LOGIN 15.3 and prior...
CVE-2020-26511
The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass...
CVE-2020-26511
The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass...
Authentication flaw
The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass...
CVE-2020-26511
The CVE-2020-26511 entry concerns the WordPress plugin wpo365-login prior to v11.7. The issue is that the plugin uses a symmetric algorithm to decrypt a JWT token, enabling authentication bypass. Concrete details from connected sources specify the affected product (WordPress plugin wpo365-login),...
CVE-2020-26511
The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. This leads to authentication bypass...