WordPress Flashcard Plugin for WordPress plugin <= 0.9 - Authenticated (Contributor+) Arbitrary File Read via Path Traversal vulnerability
Authenticated Contributor+ Arbitrary File Read via Path Traversal vulnerability discovered by Bhumividh Treloges in WordPress Plugin Flashcard versions <= 0.9...
CVE-2025-13070 CSV to SortTable <= 4.2 - Contributor+ LFI
The CSV to SortTable WordPress plugin through 4.2 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated user, such as a contributor, to perform LFI attacks...
EUVD-2021-29331
Malicious code in bioql PyPI...
CVE-2024-1564
The wp-schema-pro WordPress plugin before 2.7.16 does not validate post access allowing a contributor user to access custom fields on any post regardless of post type or status via a shortcode...
CVE-2024-11119 BNE Gallery Extended <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via gallery Shortcode
The BNE Gallery Extended plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'gallery' shortcode in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-2375
The WPQA Builder WordPress plugin before 6.1.1 does not sanitise and escape some of its Slider settings, which could allow high privilege users such as a contributor to perform Stored Cross-Site Scripting attacks...
WordPress Pods plugin <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Pod Form Redirect URL vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Pod Form Redirect URL vulnerability discovered by wesley wcraft in WordPress Plugin Pods versions <= 3.2.1...
WordPress Sydney Toolbox plugin <= 1.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Filterable Gallery vulnerability discovered by wesley wcraft in WordPress Plugin Sydney Toolbox versions <= 1.28...
CVE-2023-4820
The PowerPress Podcasting plugin by Blubrry for WordPress, before 11.0.12, does not sanitize and escape the media URL field in posts, which could allow users with privileges as low as contributor to inject arbitrary web scripts that could target a site admin or superadmin...
CVE-2021-4332
The Plus Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in versions up to, and including 4.1.9 pro and 2.0.6 free. The plugin has a feature to add an "Info Box" to an Elementor created page. This Info Box can include an SVG image for the box. Unfortunately, the...
CVE-2022-4431 WOOCS < 1.3.9.4 - Contributor+ Stored XSS
The WOOCS WordPress plugin before 1.3.9.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users...
CVE-2022-2391
The Inspiro PRO WordPress plugin does not sanitize the portfolio slider description, allowing users with privileges as low as Contributor to inject JavaScript into the description...
WordPress plugin Custom Content Shortcode data forgery vulnerability
WordPress is a set of blogging platforms developed by the WordPress Foundation using the PHP language. WordPress plugin is a WordPress application plugin. WordPress plugin Custom Content Shortcode versions prior to 4.0.2 are vulnerable to an access control error, which stems from the plugin's...
WordPress AdSanity premium plugin <= 1.8.1 - Broken Access Control vulnerability
Broken Access Control vulnerability leading to Arbitrary File Upload by users with the Contributor role, discovered by Jerome Bruandet in WordPress AdSanity premium plugin versions <= 1.8.1. Solution: update the WordPress AdSanity premium plugin to the latest available version, at least 1.8.2. Vulnerability autho...