215 matches found
CVE-2024-13895
The The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-13895
The The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-13895
The The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-13895
The CVE CVE-2024-13895 applies to the WordPress plugin Code Snippets CPT (Code Snippets CPT) and affects versions up to 2.1.0. The root cause is insufficient validation of values before the plugin runs do_shortcode, allowing an authenticated user with Subscriber-level access or higher to trigger ...
CVE-2024-13895 Code Snippets CPT <= 2.1.0 - Authenticated (Subscriber+) Arbitrary Shortcode Execution
The The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
CVE-2024-13895 Code Snippets CPT <= 2.1.0 - Authenticated (Subscriber+) Arbitrary Shortcode Execution
The The Code Snippets CPT plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.1.0. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...
WordPress Code Snippets CPT plugin <= 2.1.0 - Authenticated (Subscriber+) Arbitrary Shortcode Execution vulnerability
Authenticated Subscriber+ Arbitrary Shortcode Execution vulnerability discovered by Francesco Carlucci in WordPress Plugin Code Snippets CPT versions = 2.1.0...
WordPress plugin The Code Snippets CPT 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...
CVE-2020-8417
The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu...
CVE-2024-3105
The Woody code snippets – Insert Header Footer Code, AdSense Ads plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.5.0 via the 'insertphp' shortcode. This is due to the plugin not restricting the usage of the functionality to high level authorized...
CVE-2024-11916
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification and retrieval of data due to a missing capability check on several functions in all versions up to, and including, 3.0.11. This makes it possible for authenticated attackers, with...
CVE-2025-23780
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alpha BPO Easy Code Snippets easy-code-snippets allows SQL Injection.This issue affects Easy Code Snippets: from n/a through = 1.0.2...
CVE-2025-23780 WordPress Easy Code Snippets Plugin <= 1.0.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alpha BPO Easy Code Snippets easy-code-snippets allows SQL Injection.This issue affects Easy Code Snippets: from n/a through = 1.0.2...
CVE-2025-23780
CVE-2025-23780 describes an SQL Injection in AlphaBPO Easy Code Snippets (WordPress) due to improper neutralization of special elements in SQL commands. Affected: Easy Code Sn snippets from n/a through 1.0.2. CVSSv3.1 base 7.6 (HIGH), attack vector NETWORK, privileges required HIGH, user interact...
CVE-2025-23780 WordPress Easy Code Snippets Plugin <= 1.0.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alpha BPO Easy Code Snippets easy-code-snippets allows SQL Injection.This issue affects Easy Code Snippets: from n/a through = 1.0.2...
WordPress Easy Code Snippets Plugin <= 1.0.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Easy Code Snippets versions = 1.0.2...
WordPress plugin Easy Code Snippets SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...
CVE-2024-11916
The The Ultimate WordPress Toolkit – WP Extended plugin for WordPress is vulnerable to unauthorized modification and retrieval of data due to a missing capability check on several functions in all versions up to, and including, 3.0.11. This makes it possible for authenticated attackers, with...
PT-2025-1714 · WordPress · Wp Extended
Name of the Vulnerable Software and Affected Versions: The Ultimate WordPress Toolkit – WP Extended plugin for WordPress versions up to, and including, 3.0.11 Description: The issue is related to a missing capability check on several functions, allowing authenticated attackers with subscriber-lev...
CVE-2024-11464
CVE-2024-11464 refers to the WordPress plugin Easy Code Snippets. It is a Reflected Cross-Site Scripting vulnerability via the page parameter in all versions up to 1.0.2. The issue is unpatched in the provided materials; affected versions are