243 matches found
CVE-2025-67562
Missing Authorization vulnerability in WebCodingPlace Image Caption Hover Pro image-caption-hover-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Caption Hover Pro: from n/a through 20.0...
CVE-2025-67562
CVE-2025-67562 involves a Missing Authorization vulnerability in Image Caption Hover Pro (image-caption-hover-pro), where Access Control is incorrectly configured, potentially allowing access to restricted resources. Affected: Image Caption Hover Pro versions
CVE-2025-67562 WordPress Image Caption Hover Pro plugin < 20.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebCodingPlace Image Caption Hover Pro image-caption-hover-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Caption Hover Pro: from n/a through 20.0...
CVE-2025-67562 WordPress Image Caption Hover Pro plugin < 20.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebCodingPlace Image Caption Hover Pro image-caption-hover-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Caption Hover Pro: from n/a through 20.0...
WordPress plugin Image Caption Hover Pro 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-49936
Name of the Vulnerable Software and Affected Versions Image Caption Hover Pro versions prior to 20.0 Description An authorization issue exists in WebCodingPlace Image Caption Hover Pro image-caption-hover-pro, allowing exploitation due to incorrectly configured access control security levels...
CVE-2025-11801
The AudioTube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' shortcode attribute of the 'audiotube' shortcode in all versions up to, and including, 0.0.3. This is due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-11801
The AudioTube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' shortcode attribute of the 'audiotube' shortcode in all versions up to, and including, 0.0.3. This is due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-11801
The AudioTube WordPress plugin (versions
CVE-2025-11801 AudioTube <= 0.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The AudioTube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' shortcode attribute of the 'audiotube' shortcode in all versions up to, and including, 0.0.3. This is due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-11801 AudioTube <= 0.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The AudioTube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' shortcode attribute of the 'audiotube' shortcode in all versions up to, and including, 0.0.3. This is due to insufficient input sanitization and output escaping. This makes it possible for...
EUVD-2025-198399
The AudioTube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' shortcode attribute of the 'audiotube' shortcode in all versions up to, and including, 0.0.3. This is due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2025-47685
The AudioTube plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'caption' shortcode attribute of the 'audiotube' shortcode in all versions up to, and including, 0.0.3. This is due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-12691
The Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox functionality in all versions up to, and including, 3.21 due to insufficient input sanitization and output escaping on user supplied caption...
CVE-2025-12691
The CVE-2025-12691 entry concerns the Photonic Gallery & Lightbox for Flickr, SmugMug & Others WordPress plugin (versions <= 3.21). The connected Wordfence report confirms a stored cross-site scripting flaw in the lightbox caption attribute, exploitable by authenticated users with contributor+...
CVE-2025-12691 Photonic Gallery & Lightbox for Flickr, SmugMug & Others <= 3.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Caption Attribute
The Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's lightbox functionality in all versions up to, and including, 3.21 due to insufficient input sanitization and output escaping on user supplied caption...
WordPress Photonic Gallery & Lightbox for Flickr, SmugMug & Others plugin <= 3.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via Caption Attribute vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Caption Attribute vulnerability discovered by Webbernaut in WordPress Plugin Photonic Gallery & Lightbox for Flickr, SmugMug & Others versions = 3.21...
EUVD-2019-18546
Malware in sbrugna...
EUVD-2019-5524
Malware in sbrugna...
EUVD-2023-2433
Malicious code in bioql PyPI...