90 matches found
WordPress plugin WP Social Ninja 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
EUVD-2025-202985
The Simple Theme Changer plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the userthemeadmin, displaymethodadmin, and setchangethemebuttonname actions actions in all versions up to, and including, 1.0. This makes it possible for...
EUVD-2025-202969
The Product Filtering by Categories, Tags, Price Range for WooCommerce – Filter Plus plugin for WordPress is vulnerable to unauthorized modification of data in all versions up to, and including, 1.1.5 due to a missing capability check on the 'filtersavesettings' and 'addfilteroptions' AJAX action...
WordPress plugin Infility Global 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...
WordPress plugin Ultra Addons for Contact Form 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security vulnerability exists in...
CVE-2025-12721
The g-FFL Cockpit plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.7.1 via the /serverstatus REST API endpoint due to a lack of capability checks. This makes it possible for unauthenticated attackers to extract information about the serv...
CVE-2025-11373
CVE-2025-11373 concerns the Depicter Popup & Slider Builder for WordPress. The root cause is a missing capability check in the depicter-media-upload AJAX route, affecting all versions up to and including 4.0.4. This enables authenticated attackers with Contributor-level access or higher to upload...
WordPress plugin Product Filter by WBW security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
WordPress plugin NGINX Cache Optimizer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
CVE-2025-11887
The Supervisor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX functions in all versions up to, and including, 1.3.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update...
EUVD-2025-35806
The Microsoft Azure Storage for WordPress plugin for WordPress is vulnerable to Unauthorized Arbitrary Media Deletion in all versions up to, and including, 4.5.1. This is due to missing capability checks on the 'azure-storage-media-replace' AJAX action. This makes it possible for authenticated...
CVE-2025-11196
The External Login plugin for WordPress is vulnerable to sensitive information exposure in all versions up to, and including, 1.11.2 due to the 'exlogtestconnection' AJAX action lacking capability checks or nonce validation. This makes it possible for authenticated attackers, with subscriber-leve...
EUVD-2025-34549
The Library Management System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the owt7librarymanagementajaxhandler function in all versions up to, and including, 3.1. This makes it possible for authenticated attackers, with...
EUVD-2024-48316
Malicious code in bioql PyPI...
PT-2025-38630
Name of the Vulnerable Software and Affected Versions Secure Passkeys plugin for WordPress versions up to and including 1.2.1 Description The Secure Passkeys plugin for WordPress is susceptible to unauthorized access due to a missing capability check within the delete passkey and passkeys list...
CVE-2025-9542
The AutomatorWP – Automator plugin for no-code automations, webhooks & custom integrations in WordPress plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on multiple plugin's functions in all versions up to, and including, 5.3.7...
WordPress plugin LiquidThemes 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress B Slider - Gutenberg Slider Block for WP plugin code execution vulnerability
WordPress B Slider - Gutenberg Slider Block for WP plugin is a core editor plugin that comes with WordPress and is part of the Gutenberg editor that was introduced in WordPress version 5.9. A code execution vulnerability exists in WordPress B Slider- Gutenberg Slider Block for WP plugin, which...
WordPress plugin Ultimate Addons for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Malcure...