WordPress plugin Ultimate Store Kit 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

CVE-2025-2719 Swatchly – WooCommerce Variation Swatches for Products (product attributes: Image swatch, Color swatches, Label swatches) 1.2.8 - 1.4.0 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update

The Swatchly – WooCommerce Variation Swatches for Products product attributes: Image swatch, Color swatches, Label swatches plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdismiss function in versions 1.2.8 to 1.4.0. This makes ...

PT-2025-14457 · WordPress · Insert Headers/Footers Code – Ht Script

Name of the Vulnerable Software and Affected Versions: The Insert Headers and Footers Code – HT Script plugin for WordPress versions up to, and including, 1.1.2 Description: The issue is related to a missing capability check on the ajax dismiss function, allowing authenticated attackers with...