WordPress Originality.ai AI Checker plugin <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Scan Log Deletion via ' ai_scan_result_remove' vulnerability

Missing Authorization to Authenticated Subscriber+ Scan Log Deletion via ' aiscanresultremove' vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Originality.ai AI Checker versions = 1.0.12...

EUVD-2014-1273

Malware in sbrugna...

CVE-2014-125105

A vulnerability was found in Broken Link Checker Plugin up to 1.10.1 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function optionspage of the file core/core.php of the component Settings Page. The manipulation of the argument exclusionlist/blccustomfiel...

CVE-2023-47810

CVE-2023-47810 affects the WordPress Ajax Domain Checker plugin up to version 1.3.0. Root cause: improper neutralization of input during web page generation, leading to Stored Cross‑Site Scripting (XSS) as described in multiple sources. Exploitation context from connected docs indicates the vulne...

CVE-2023-24421

CVE-2023-24421 refers to a Cross-Site Request Forgery (CSRF) vulnerability in the WP Engine PHP Compatibility Checker plugin, affected versions

CVE-2014-125105

CVE-2014-125105 affects the WordPress Broken Link Checker Plugin (up to v1.10.1). The vulnerability resides in the options_page function within core/core.php, where manipulation of the exclusion_list/blc_custom_fields parameter enables cross-site scripting. The issue can be exploited remotely. A ...

Cross site scripting

A vulnerability was found in Broken Link Checker Plugin up to 1.10.5 on WordPress. It has been rated as problematic. Affected by this issue is the function printmodulelist/showwarningssectionnotice/statustext/uigetactionlinks. The manipulation leads to cross site scripting. The attack may be...

CVE-2015-10098

The CVE affects WordPress Broken Link Checker Plugin versions up to 1.10.5. The vulnerability is an XSS in the plugin’s UI rendering functions (print_module_list/show_warnings_section_notice/status_text/ui_get_action_links), enabling cross-site scripting via manipulation. The issue can be trigger...

CVE-2023-25782

Auth. admin+ vulnerability in Second2none Service Area Postcode Checker plugin = 2.0.8 versions...

Moodle Command Execution Vulnerability

Moodle is a learning platform designed to provide educators, administrators, and learners with a system for creating personalized learning environments. A command execution vulnerability exists in an older version of the Spell Checker plugin that is included by default in Moodle version 3.10. An...

CVE-2015-5057

Cross-site scripting XSS vulnerability exists in the Wordpress admin panel when the Broken Link Checker plugin before 1.10.9 is installed...

Cross site scripting

Cross-site scripting XSS vulnerability exists in the Wordpress admin panel when the Broken Link Checker plugin before 1.10.9 is installed...

CVE-2015-5057

Cross-site scripting XSS vulnerability exists in the Wordpress admin panel when the Broken Link Checker plugin before 1.10.9 is installed...

CVE-2015-5057

CVE-2015-5057 describes a Cross-site Scripting (XSS) vulnerability in the WordPress admin panel introduced by the Broken Link Checker plugin prior to version 1.10.9. The issue affects WordPress installations using this plugin and is triggered in the admin area, allowing potential manipulation of ...

CVE-2002-1650

The spell checker plugin checkme.mod.php for SquirrelMail before 1.2.3 allows remote attackers to execute arbitrary commands via a modified sqspellcommand parameter...