EUVD-2026-15758

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through = 14.0.31...

CVE-2026-27040 WordPress WZone plugin <= 14.0.31 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in AA-Team WZone woozone allows Path Traversal.This issue affects WZone: from n/a through = 14.0.31...

CVE-2026-27039 WordPress WZone plugin <= 14.0.31 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through = 14.0.31...

CVE-2026-27039 WordPress WZone plugin <= 14.0.31 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AA-Team WZone woozone allows Blind SQL Injection.This issue affects WZone: from n/a through = 14.0.31...

CVE-2026-27039

CVE-2026-27039 describes an SQL Injection vulnerability in the WooCommerce Amazon Affiliates plugin for WordPress (WooZone). The issue affects WooZone versions up to and including 14.0.31. The CVSS 3.1 vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L with a base score of 8.5 (HIGH), indicat...

WordPress WZone plugin <= 14.0.31 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WZone versions = 14.0.31...

CVE-2026-25473

CVE-2026-25473 affects the WordPress WZone plugin versions up to and including 14.0.31, describing a Missing Authorization / Broken Access Control vulnerability in AA-Team WZone woozone due to incorrectly configured access control. Reported impact indicates potential issues with access control (I...

CVE-2026-25473 WordPress WZone plugin <= 14.0.31 - Broken Access Control vulnerability

Missing Authorization vulnerability in AA-Team WZone woozone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WZone: from n/a through = 14.0.31...

WordPress WZone plugin <= 14.0.31 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WZone versions = 14.0.31...

CVE-2024-33545 WordPress WZone plugin <= 14.0.10 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10...

CVE-2024-33547 WordPress WZone plugin <= 14.0.10 - Site Wide Broken Access Control vulnerability

Missing Authorization vulnerability in AA-Team WZone.This issue affects WZone: from n/a through 14.0.10...

WordPress plugin WZone 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WZone <= 14.0.10 - Missing Authorization

Description The WZone plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 14.0.10. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform unauthorized actions...

CVE-2024-33544 WordPress WZone plugin <= 14.0.10 - Unauthenticated SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10...

CVE-2024-33548 WordPress WZone plugin <= 14.0.10 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10...

WordPress plugin WZone SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

WordPress WZone plugin < 14.1.00 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WZone versions 14.1.00...

WordPress WZone plugin < 14.1.00 - Site Wide Broken Access Control vulnerability

Site Wide Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WZone versions 14.1.00...

WordPress WZone plugin <= 14.0.33 - Arbitrary SQL Update Execution vulnerability

Arbitrary SQL Update Execution vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WZone versions = 14.0.33...

WordPress WZone plugin < 14.1.00 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WZone versions 14.1.00...