27 matches found
CVE-2026-2052 Widget Options <= 4.2.2 - Authenticated (Contributor+) Remote Code Execution via Display Logic
The Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.2.2 via the Display Logic feature. This is due to the plugin using eval on user-supplied Display Logic...
WordPress plugin Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets 代码注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...
EUVD-2024-42348
Malicious code in bioql PyPI...
EUVD-2023-31210
Malicious code in bioql PyPI...
EUVD-2025-30626
Malicious code in bioql PyPI...
CVE-2025-58029
Missing Authorization vulnerability in Sumit Singh Classic Widgets with Block-based Widgets classic-widgets-with-block-based-widgets allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Classic Widgets with Block-based Widgets: from n/a through = 1.0.1...
CVE-2025-58029
Missing Authorization vulnerability in Sumit Singh Classic Widgets with Block-based Widgets classic-widgets-with-block-based-widgets allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Classic Widgets with Block-based Widgets: from n/a through = 1.0.1...
CVE-2025-58029
CVE-2025-58029 is a Missing Authorization vulnerability in the WordPress plugin family Classic Widgets with Block-based Widgets (affected: Classic Widgets with Block-based Widgets, versions
CVE-2025-58029 WordPress Classic Widgets with Block-based Widgets Plugin <= 1.0.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Sumit Singh Classic Widgets with Block-based Widgets classic-widgets-with-block-based-widgets allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Classic Widgets with Block-based Widgets: from n/a through = 1.0.1...
CVE-2025-58029 WordPress Classic Widgets with Block-based Widgets Plugin <= 1.0.1 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Sumit Singh Classic Widgets with Block-based Widgets classic-widgets-with-block-based-widgets allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Classic Widgets with Block-based Widgets: from n/a through = 1.0.1...
WordPress plugin Classic Widgets with Block-based Widgets 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...
PT-2025-38878
Name of the Vulnerable Software and Affected Versions Sumit Singh Classic Widgets with Block-based Widgets versions through 1.0.1 Description A missing authorization issue exists in Sumit Singh Classic Widgets with Block-based Widgets. The issue allows access to functionality that is not properly...
CVE-2023-27434
Cross-Site Request Forgery CSRF vulnerability in WPGrim Classic Editor and Classic Widgets plugin = 1.2.5 versions...
CVE-2024-47312
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Grim Classic Editor and Classic Widgets classic-editor-and-classic-widgets allows SQL Injection.This issue affects Classic Editor and Classic Widgets: from n/a through = 1.4.1...
CVE-2024-47312
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Grim Classic Editor and Classic Widgets classic-editor-and-classic-widgets allows SQL Injection.This issue affects Classic Editor and Classic Widgets: from n/a through = 1.4.1...
CVE-2024-47312 WordPress Classic Editor and Classic Widgets plugin <= 1.4.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Grim Classic Editor and Classic Widgets classic-editor-and-classic-widgets allows SQL Injection.This issue affects Classic Editor and Classic Widgets: from n/a through = 1.4.1...
CVE-2024-47312 WordPress Classic Editor and Classic Widgets plugin <= 1.4.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Grim Classic Editor and Classic Widgets classic-editor-and-classic-widgets allows SQL Injection.This issue affects Classic Editor and Classic Widgets: from n/a through = 1.4.1...
PT-2024-32524 · Unknown · Classic Widgets +1
Name of the Vulnerable Software and Affected Versions: WPGrim Classic Editor and Classic Widgets versions 1.4.1 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows attackers to...
WordPress plugin Classic Editor and Classic Widgets SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress Classic Editor and Classic Widgets plugin <= 1.4.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Classic Editor and Classic Widgets versions = 1.4.1...