WordPress Widget Options - Extended plugin <= 5.3.2 - Authenticated (Contributor+) Remote Code Execution vulnerability

WordPress Widget Options - Extended plugin = 5.3.2 - Authenticated Contributor+ Remote Code Execution vulnerability discovered by ? in WordPress Plugin Widget Options - Extended versions = 5.3.2...

EUVD-2025-30831

Malicious code in bioql PyPI...

CVE-2025-8902

The Widget Options - Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dosidebar' shortcode in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-8902

The Widget Options - Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dosidebar' shortcode in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-8902 Widget Options - Extended <= 5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Widget Options - Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dosidebar' shortcode in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-8902

CVE-2025-8902 refers to the WordPress plugin Widget Options - Extended . The vulnerability is a Stored Cross-Site Scripting (XSS) flaw in the plugin’s shortcodes (specifically the do_sidebar shortcode) across versions up to and including 5.2.1, caused by insufficient input sanitization and output...

CVE-2025-8902 Widget Options - Extended <= 5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Widget Options - Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dosidebar' shortcode in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress plugin Widget Options - Extended 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Widget Options - Extended plugin <= 5.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress Widget Options - Extended plugin = 5.2.1 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Widget Options - Extended versions = 5.2.1...

CVE-2024-35691

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Marketing Fire, LLC Widget Options - Extended.This issue affects Widget Options - Extended: from n/a through 5.1.0...

Widget Options - Extended <= 5.1.0 & Widget Options <= 4.0.1 - Authenticated (Subscriber+) Information Disclosure

Description The Widget Options - Extended plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to 5.1.3 exclusive for Widget Options - Extended and all versions up to, and including, 4.0.1 for Widget Options. This makes it possible for unauthenticated attackers ...

CVE-2024-35691

Technical details about CVE-2024-35691 are not provided in the connected documents. Public information in the initial record is limited to a generic exposure claim for Widget Options - Extended up to version 5.1.0. Monitor for updates and official advisories.

WordPress plugin Widget Options - Extended Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. An information disclosure...

WordPress Widget Options Extended plugin <= 5.1.0 - Subscriber+ User Meta Data Exposure Vulnerability

Subscriber+ User Meta Data Exposure Vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Widget Options - Extended versions = 5.1.0...

WordPress Widget Options Extended plugin <= 5.1.0 - Subscriber+ Private/Draft Post Exposure Vulnerability

Subscriber+ Private/Draft Post Exposure Vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Widget Options - Extended versions = 5.1.0...