CVE-2026-57320

CVE-2026-57320 analyzes show an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress BEAR plugin, affected versions <= 1.1.8. The issue is described as an XSS in BEAR, with no publicly provided exploit details in the connected documents. The available entries identify the ...

CVE-2026-45213 WordPress BEAR plugin <= 1.1.7.1 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through = 1.1.7.1...

CVE-2026-27415 WordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5...

WordPress BEAR plugin <= 1.1.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by benzdeus in WordPress Plugin BEAR versions = 1.1.5...

WordPress BEAR - Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin <= 1.1.5 - Cross-Site Request Forgery to Taxonomy Term Deletion vulnerability

WordPress BEAR - Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin = 1.1.5 - Cross-Site Request Forgery to Taxonomy Term Deletion vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin BEAR versions = 1.1.5...

WordPress BEAR - Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin <= 1.1.5 - Cross-Site Request Forgery to Product Data Modification vulnerability

WordPress BEAR - Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net plugin = 1.1.5 - Cross-Site Request Forgery to Product Data Modification vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin BEAR versions = 1.1.5...

CVE-2025-26775 WordPress BEAR Plugin <= 1.1.4.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 BEAR woo-bulk-editor allows Stored XSS.This issue affects BEAR: from n/a through = 1.1.4.4...

CVE-2025-26775 WordPress BEAR Plugin <= 1.1.4.4 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in RealMag777 BEAR woo-bulk-editor allows Stored XSS.This issue affects BEAR: from n/a through = 1.1.4.4...

WordPress BEAR plugin <= 1.1.4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das in WordPress Plugin BEAR versions = 1.1.4.1...

WordPress BEAR Plugin <= 1.1.4.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software BEAR Type Plugin Vulnerable versions = 1.1.4.1 Fixed in 1.1.4.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31430 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4956c1908b33 Credits Dhabaleshwar Das Required...

WordPress BEAR Plugin <= 1.1.4.2 is vulnerable to Cross Site Scripting (XSS)

Software BEAR Type Plugin Vulnerable versions = 1.1.4.2 Fixed in 1.1.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30200 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2c6d05b2fb54 Credits Rafie Muhammad Patchstack Required...

CVE-2024-24834 WordPress BEAR Plugin <= 1.1.4 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in realmag777 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net allows Stored XSS.This issue affects BEAR – Bulk Editor and Products Manager Professional for...

WordPress BEAR Plugin <= 1.1.4 is vulnerable to Broken Access Control

Software BEAR Type Plugin Vulnerable versions = 1.1.4 Fixed in 1.1.4.1 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-24835 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5d569bb55eee Credits Mika Required privilege Subscriber...

CVE-2023-4943 BEAR <= 1.1.3.3 - Missing Authorization to Product Manipulation

The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3. This is due to a missing capability check on the woobebulkoperationsvisibility function. This makes it possible for authenticated attackers subscriber or higher to manipulate products...

WordPress Plugin BEAR Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...