CVE-2026-4120

The Info Cards – Add Text and Media in Card Layouts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnUrl' parameter within the Info Cards block in all versions up to, and including, 2.0.7. This is due to insufficient input validation on URL schemes, specifically the...

WordPress Info Cards plugin <= 2.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Block Attributes vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin Info Cards versions = 2.0.7...

CVE-2026-4120

The Info Cards – Add Text and Media in Card Layouts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the btnUrl parameter in the Info Cards block for all versions up to 2.0.7. Insufficient input validation on URL schemes allows javascript: URLs to slip through the JSON data p...

PT-2026-26259

The Info Cards – Add Text and Media in Card Layouts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnUrl' parameter within the Info Cards block in all versions up to, and including, 2.0.7. This is due to insufficient input validation on URL schemes, specifically the...

WordPress plugin Info Cards – Add Text and Media in Card Layouts 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

CVE-2025-54711

CVE-2025-54711 concerns a Missing Authorization vulnerability in the WordPress plugin Info Cards (versions

CVE-2025-54711 WordPress Info Cards Plugin <= 1.0.11 - Broken Access Control Vulnerability

Missing Authorization vulnerability in bPlugins Info Cards info-cards allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Info Cards: from n/a through = 1.0.11...

EUVD-2017-8262

Malware in sbrugna...

CVE-2024-1857

The Ultimate Gift Cards for WooCommerce – Create, Redeem & Manage Digital Gift Certificates with Personalized Templates plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.6.6 via the wpswgmpreviewemailtemplate. This makes it possible for...

CVE-2023-28662

The Gift Cards Gift Vouchers and Packages WordPress Plugin, version = 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgvdoajaxvoucherpdfsavefunc action...

CVE-2021-4391

The Ultimate Gift Cards for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.1.1. This is due to missing or incorrect nonce validation on the mwbwgmsavepost function. This makes it possible for unauthenticated attackers to modify...

WordPress WP Cards plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WP Cards versions = 1.5.1...

WordPress plugin Info Cards 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-13520

The Gift Cards Gift Vouchers and Packages WooCommerce Supported plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'updatevoucherprice', 'updatevoucherdate', 'updatevouchernote' functions in all versions up to, and...

CVE-2024-13520

CVE-2024-13520 — The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) WordPress plugin is vulnerable due to a missing capability check in update_voucher_price, update_voucher_date, and update_voucher_note, affecting all versions up to 4.4.6. This allows unauthenticated attackers to...

CVE-2024-13520 Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) <= 4.4.9 - Missing Authorization to Unauthenticated Price, Date, and Note Updates

The Gift Cards Gift Vouchers and Packages WooCommerce Supported plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capability check on the 'updatevoucherprice', 'updatevoucherdate', 'updatevouchernote' functions in all versions up to, and...

WordPress plugin Gift Cards 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Ultimate Gift Cards for WooCommerce plugin <= 3.0.6 - Missing Authorization to Infinite Money Glitch vulnerability

Missing Authorization to Infinite Money Glitch vulnerability discovered by Ross Harper in WordPress Plugin Ultimate Gift Cards For WooCommerce versions = 3.0.6...

WordPress plugin Ultimate Gift Cards for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-9165

CVE-2024-9165 : Gift Cards (WooCommerce Supported) WordPress plugin contains a stored XSS via SVG file uploads in all versions