CVE-2025-67586 WordPress Highlight and Share plugin <= 5.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ronald Huereca Highlight and Share highlight-and-share allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Highlight and Share: from n/a through = 5.2.0...

CVE-2025-67586

CVE-2025-67586 corresponds to a Missing Authorization vulnerability in the WordPress plugin Highlight and Share (highlight-and-share). Public details in connected docs confirm affected software: Highlight and Share (WordPress plugin) vulnerable up to version 5.2.0. The CVE has CVSS v3.1 base scor...

CVE-2024-56297

CVE-2024-56297 is a Stored XSS in the WordPress Highlight plugin (dn88 Highlight). Affected range: from n/a through 2.0.2. Root cause per description: Improper Neutralization of Input During Web Page Generation. Impact is limited to stored XSS in pages generated by the plugin; exploitation detail...

CVE-2024-56297 WordPress Highlight plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in QuantumCloud Highlight highlight allows Stored XSS.This issue affects Highlight: from n/a through = 2.0.2...

CVE-2024-56297 WordPress Highlight plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dn88 Highlight allows Stored XSS.This issue affects Highlight: from n/a through 2.0.2...

CVE-2024-37458 WordPress Highlight theme <= 1.0.29 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in ExtendThemes Highlight allows Cross Site Request Forgery.This issue affects Highlight: from n/a through 1.0.29...

CVE-2024-37458

CVE-2024-37458 is a CSRF vulnerability in the WordPress theme ExtendThemes Highlight, affecting the Highlight theme versions from unspecified pre-1.0.x up to 1.0.29. The connected records confirm the vulnerability is CSRF (Cross Site Request Forgery) and reference WordPress/Red Hat and CVE databa...

CVE-2024-37458 WordPress Highlight theme <= 1.0.29 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in extendthemes Highlight highlight allows Cross Site Request Forgery.This issue affects Highlight: from n/a through = 1.0.29...

WordPress Theme Highlight Premium - Cross-Site Request Forgery Arbitrary File Upload

WordPress Theme Highlight Premium - Cross-Site Request Forgery Arbitrary File Upload Title : Wordpress Highlight Premium Themes CSRF File Upload Vulnerability Author : DevilScreaM Date : 11/10/2013 - 10 November 2013 Category : Web Applications Type : PHP Vendor : http://themeforest.net Download ...