14 matches found
CVE-2025-2880
The Yame | Link In Bio plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.9.0 through the publicly accessible phpinfo.php script. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in t...
CVE-2025-1436
The Limit Bio WordPress plugin through 1.0 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2025-1436
The Limit Bio WordPress plugin through 1.0 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-13884
The Limit Bio WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2025-1436 Limit Bio <= 1.0 - Stored XSS via CSRF
The Limit Bio WordPress plugin through 1.0 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-13884 Limit Bio <= 1.0 - Reflected XSS
The Limit Bio WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress plugin Limit Bio security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2025-11155 · WordPress · Limit Bio Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Limit Bio WordPress plugin versions 1.0 and earlier Description: The issue concerns a lack of CSRF check when updating settings in the Limit Bio WordPress plugin, along with missing sanitization and escaping. This could allow attackers to mak...
PT-2025-11147 · WordPress · Limit Bio Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Limit Bio WordPress plugin versions 1.0 and earlier Description: The issue arises from the plugin not sanitizing and escaping a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. This could be used...
WordPress Limit Bio plugin <= 1.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Limit Bio versions <= 1.0...
WordPress Social Author Bio Plugin <= 2.4 is vulnerable to Cross Site Scripting (XSS)
Software: Social Author Bio; Type: Plugin; Vulnerable versions: <= 2.4; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-30545; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 30e2380972a1; Credits: Cronus; Required privilege...
WordPress WP Author Bio Plugin <= 1.5.5 is vulnerable to Cross Site Scripting (XSS)
Software: WP Author Bio; Type: Plugin; Vulnerable versions: <= 1.5.5; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33999; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 8d1ecdffe415; Credits: Rafie Muhammad (Patchstack); Required...
WordPress WP Link Bio plugin <= 1.4.4 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress WP Link Bio plugin versions <= 1.4.4. Solution: No patched version available...
Exploit for Cross-site Scripting in Wp_Html_Author_Bio_Project Wp_Html_Author_Bio
CVE-2021-24545: an XSS vulnerability found in a plugin that is currently no longer distributed as a plugin...