14 matches found
WordPress Checkbox plugin unauthorized data loss vulnerability
WordPress Checkbox plugin are functional plugins designed to add or enhance checkbox functionality to a website. WordPress Checkbox plugin suffers from an unauthorized data loss vulnerability that stems from a lack of permission checking, which can be exploited by an attacker to cause unauthorize...
CVE-2025-12170
The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpajaxnoprivcheckboxcleanlog' AJAX endpoint in all versions up to, and including, 2.8.10. This makes it possible for unauthenticated attackers to clear log files...
WordPress Checkbox plugin <= 2.8.10 - Missing Authorization to Unauthenticated Log Clearing vulnerability
Missing Authorization to Unauthenticated Log Clearing vulnerability discovered by Legion Hunter in WordPress Plugin Checkbox versions = 2.8.10...
CVE-2025-12170
The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpajaxnoprivcheckboxcleanlog' AJAX endpoint in all versions up to, and including, 2.8.10. This makes it possible for unauthenticated attackers to clear log files...
EUVD-2025-198407
The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpajaxnoprivcheckboxcleanlog' AJAX endpoint in all versions up to, and including, 2.8.10. This makes it possible for unauthenticated attackers to clear log files...
CVE-2025-12170 Checkbox <= 2.8.10 - Missing Authorization to Unauthenticated Log Clearing
The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpajaxnoprivcheckboxcleanlog' AJAX endpoint in all versions up to, and including, 2.8.10. This makes it possible for unauthenticated attackers to clear log files...
CVE-2025-12170 Checkbox <= 2.8.10 - Missing Authorization to Unauthenticated Log Clearing
The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wpajaxnoprivcheckboxcleanlog' AJAX endpoint in all versions up to, and including, 2.8.10. This makes it possible for unauthenticated attackers to clear log files...
CVE-2025-12170
CVE-2025-12170 applies to the WordPress Checkbox plugin (
WordPress plugin Checkbox 安全漏洞
WordPress Checkbox plugin are functional plugins designed to add or enhance checkbox functionality to a website. WordPress Checkbox plugin suffers from an unauthorized data loss vulnerability that stems from a lack of permission checking, which can be exploited by an attacker to cause unauthorize...
PT-2025-47693
The Checkbox plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'wp ajax nopriv checkbox clean log' AJAX endpoint in all versions up to, and including, 2.8.10. This makes it possible for unauthenticated attackers to clear log files...
WordPress Checkbox Plugin <= 0.8.3 is vulnerable to Cross Site Scripting (XSS)
Software Checkbox Type Plugin Vulnerable versions = 0.8.3 Fixed in 0.8.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 36822a9c98e8 Credits Rafie Muhammad Patchstack Required privileg...
WordPress Checkbox plugin <= 0.8.3 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Checkbox plugin versions = 0.8.3. Solution Update the WordPress Checkbox plugin to the latest available version at least 0.8.4...
WordPress Checkbox plugin <= 0.8.3 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Checkbox plugin versions = 0.8.3. Solution Update the WordPress Checkbox plugin to the latest available version at least 0.8.4...
Jenkins 插件跨站脚本漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.A cross-site scripting vulnerability exists in Jenkins Custom Checkbox Parameter Plugin 1.1 and earlier versions, which ste...