Exploit for CVE-2025-11171

CVE-2025-11171: Missing Authentication in Chartify WordPress Plu...

CVE-2025-11171

The Chartify – WordPress Chart Plugin for WordPress is vulnerable to Missing Authentication for Critical Function in all versions up to, and including, 3.5.9. This is due to the plugin registering an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter,...

CVE-2025-11171

CVE-2025-11171 affects the Chartify – WordPress Chart Plugin (up to version 3.5.9). A Missing Authentication for a Critical Function vulnerability arises from an unauthenticated AJAX action that dispatches to admin-class methods based on a request parameter without nonce or capability checks. Thi...

EUVD-2023-51637

Malicious code in bioql PyPI...

CVE-2024-10571

The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the executio...

CVE-2024-10571

The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the executio...

CVE-2024-10571

The CVE-2024-10571 entry concerns the Chartify – WordPress Chart Plugin (Chart Builder) for WordPress, affected through version 2.9.5 (

CVE-2023-47526

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Chart Builder Team Chartify – WordPress Chart Plugin allows Stored XSS.This issue affects Chartify – WordPress Chart Plugin: from n/a through 2.0.6...