144 matches found
CVE-2024-41816
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Persistent Cross-Site Scripting XSS via the ‘cooked-timer’ shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping. This vulnerability allows authenticate...
CVE-2024-39681
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39678
Cooked is a recipe plugin for WordPress. The Cooked plugin is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users into performing...
CVE-2024-39679
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2024-39680
Cooked is a recipe plugin for WordPress. The Cooked plugin for WordPress is vulnerable to Cross-Site Request Forgery CSRF in versions up to, and including, 1.7.15.4 due to missing or incorrect nonce validation on the AJAX action handler. This vulnerability could allow an attacker to trick users...
CVE-2025-62989
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gora Tech Cooked cooked allows Stored XSS.This issue affects Cooked: from n/a through = 1.11.3...
CVE-2025-62989
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gora Tech Cooked cooked allows Stored XSS.This issue affects Cooked: from n/a through = 1.11.3...
CVE-2025-62989
CVE-2025-62989 discusses an Improper Neutralization of Input During Web Page Generation (Stored XSS) in the WordPress plugin Cooked . Affected: Cooked versions from unspecified base up to a maximum of 1.11.3 . Root cause: input is not properly neutralized during web page generation, enabling stor...
CVE-2025-62989 WordPress Cooked plugin <= 1.11.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gora Tech Cooked cooked allows Stored XSS.This issue affects Cooked: from n/a through = 1.11.3...
EUVD-2025-205980
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Boxy Studio Cooked allows Stored XSS.This issue affects Cooked: from n/a through 1.11.2...
CVE-2025-62989 WordPress Cooked plugin <= 1.11.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gora Tech Cooked cooked allows Stored XSS.This issue affects Cooked: from n/a through = 1.11.3...
WordPress Cooked plugin <= 1.11.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by ch1mk in WordPress Plugin Cooked versions = 1.11.3...
PT-2025-54415
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Boxy Studio Cooked allows Stored XSS.This issue affects Cooked: from n/a through 1.11.2...
WordPress plugin Cooked 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993177)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993177 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject cooked mode if it is set along with other flags It is possible to set both...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992633)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992633 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject cooked mode if it is set along with other flags It is possible to set both...
CVE-2025-68586
Missing Authorization vulnerability in Gora Tech Cooked cooked allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cooked: from n/a through = 1.11.3...
EUVD-2025-205249
Missing Authorization vulnerability in Gora Tech Cooked cooked allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cooked: from n/a through = 1.11.2...
CVE-2025-68586
Missing Authorization vulnerability in Gora Tech Cooked cooked allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cooked: from n/a through = 1.11.3...
CVE-2025-68586
CVE-2025-68586 describes a Missing Authorization vulnerability in the Cooked (WordPress) plugin, affecting Cooked: from n/a through