CVE-2026-32495

Missing Authorization vulnerability in Link Software LLC WP Terms Popup wp-terms-popup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Terms Popup: from n/a through = 2.10.0...

CVE-2026-32495

CVE-2026-32495 is a Missing Authorization vulnerability impacting the WP Terms Popup (WP Terms Popup) WordPress plugin, affecting versions from unknown up to and including 2.10.0. The root cause is an incorrectly configured access control security level (Missing Authorization), which can allow an...

CVE-2025-62139 WordPress Terms descriptions plugin <= 3.4.9 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through 3.4.9...

CVE-2025-62139

CVE-2025-62139 affects the Terms descriptions plugin (versions

WordPress Terms descriptions plugin <= 3.4.10 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Terms descriptions versions = 3.4.10...

CVE-2025-39534 WordPress Terms Dictionary Plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Somonator Terms Dictionary terms-dictionary allows Reflected XSS.This issue affects Terms Dictionary: from n/a through = 1.5.1...

CVE-2025-39534 WordPress Terms Dictionary Plugin <= 1.5.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Somonator Terms Dictionary terms-dictionary allows Reflected XSS.This issue affects Terms Dictionary: from n/a through = 1.5.1...

CVE-2025-31440 WordPress Terms of Use plugin <= 2.0 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Strategy11 Team Terms of Use allows Stored XSS. This issue affects Terms of Use: from n/a through 2.0...

WordPress Terms descriptions Plugin <= 3.4.4 is vulnerable to Cross Site Scripting (XSS)

Software Terms descriptions Type Plugin Vulnerable versions = 3.4.4 Fixed in 3.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28779 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2f42703e921f Credits Kindaichi Hiro...

CVE-2023-24006

Auth. admin+ Cross-Site Scripting XSS vulnerability in Link Software LLC WP Terms Popup plugin = 2.6.0 versions...

PT-2023-19356 · Link Software Llc · Wp Terms Popup

Name of the Vulnerable Software and Affected Versions: Link Software LLC WP Terms Popup plugin versions = 2.6.0 Description: The issue is related to an Authenticated admin+ Cross-Site Scripting XSS vulnerability. This means that an attacker with administrative access could potentially inject...