10 matches found
CVE-2025-15043
The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'startmigration', 'cancelmigration', and 'revertmigration' functions in all versions up to, and including, 6.15.13. This makes it possible for authenticated attackers, with...
CVE-2025-15043
The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'startmigration', 'cancelmigration', and 'revertmigration' functions in all versions up to, and including, 6.15.13. This makes it possible for authenticated attackers, with...
CVE-2025-15043
The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'startmigration', 'cancelmigration', and 'revertmigration' functions in all versions up to, and including, 6.15.13. This makes it possible for authenticated attackers, with...
CVE-2025-15043 The Events Calendar <= 6.15.13 - Missing Authorization to Authenticated (Subscriber+) Data Migration Control
The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'startmigration', 'cancelmigration', and 'revertmigration' functions in all versions up to, and including, 6.15.13. This makes it possible for authenticated attackers, with...
CVE-2025-15043 The Events Calendar <= 6.15.13 - Missing Authorization to Authenticated (Subscriber+) Data Migration Control
The The Events Calendar plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'startmigration', 'cancelmigration', and 'revertmigration' functions in all versions up to, and including, 6.15.13. This makes it possible for authenticated attackers, with...
Custom Tables 3.4.4 - iframe.php key Parameter XSS
The custom-tables WordPress plugin was affected by an iframe.php key Parameter XSS security vulnerability...
Wordpress Plugins - custom tables XSS Vulnerability
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
WordPress Custom Tables Plugin 3.4.4 - Cross Site Scripting
WordPress Custom Tables plugin's "key" parameter is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of an user in the context of the affected site. In this way the attacker can steal...
WordPress Plugin custom tables - 'key' Cross-Site Scripting
source: https://www.securityfocus.com/bid/54326/info WordPress custom tables plugin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
WordPress Plugin custom tables - key Cross-Site Scripting
WordPress Plugin custom tables - key Cross-Site Scripting source: https://www.securityfocus.com/bid/54326/info WordPress custom tables plugin is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...