591 matches found
WordPress plugin Add Featured Image Custom Link 跨站脚本漏洞
...
PT-2025-54371
Name of the Vulnerable Software and Affected Versions Aum Watcharapon Featured Image Generator versions through 1.3.3 Description An authorization issue exists in Aum Watcharapon Featured Image Generator due to incorrectly configured access control security levels. This allows for an authorizatio...
EUVD-2025-205811
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeFlavors Featured Video for WordPress & VideographyWP allows Stored XSS.This issue affects Featured Video for WordPress & VideographyWP: from n/a through 1.0.18...
CVE-2025-62746 WordPress Featured Video for WordPress – VideographyWP plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeFlavors Featured Video for WordPress VideographyWP videographywp allows Stored XSS.This issue affects Featured Video for WordPress VideographyWP: from n/a through = 1.0.18...
CVE-2025-62746 WordPress Featured Video for WordPress – VideographyWP plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeFlavors Featured Video for WordPress – VideographyWP videographywp allows Stored XSS.This issue affects Featured Video for WordPress – VideographyWP: from n/a through = 1.0.18...
CVE-2025-62746
The CVE-2025-62746 entry is backed by a connected Wordfence vulnerability report for the WordPress plugin/extension Featured Video for WordPress – VideographyWP. It states an Authenticated Stored Cross-Site Scripting (XSS) flaw affecting the product when using versions up to 1.0.18 (the issue is ...
WordPress Featured Video for WordPress – VideographyWP plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Featured Video for WordPress VideographyWP versions = 1.0.18...
PT-2025-54186
Name of the Vulnerable Software and Affected Versions CodeFlavors Featured Video for WordPress & VideographyWP versions through 1.0.18 Description The software contains a flaw related to improper input handling during web page generation, specifically a Stored Cross-site Scripting issue. This...
WordPress plugin Featured Video for WordPress & VideographyWP 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2025-13794
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...
CVE-2025-13794
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...
EUVD-2025-203499
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...
CVE-2025-13794 Auto Featured Image <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...
CVE-2025-13794
CVE-2025-13794 affects the Auto Featured Image (Auto Post Thumbnail) WordPress plugin. Versions up to and including 4.2.1 are vulnerable due to a missing capability check in bulk_action_generate_handler, enabling an authenticated user with Contributor-level access or higher to delete or generate ...
CVE-2025-13794 Auto Featured Image <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification
The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...
WordPress Auto Featured Image plugin <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification vulnerability
Missing Authorization to Authenticated Contributor+ Post Thumbnail Modification vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Auto Featured Image Auto Post Thumbnail versions = 4.2.1...
PT-2025-51372
Name of the Vulnerable Software and Affected Versions Auto Featured Image Auto Post Thumbnail plugin for WordPress versions through 4.2.1 Description The Auto Featured Image Auto Post Thumbnail plugin for WordPress has a flaw that allows unauthorized modification of data. A missing capability che...
WordPress plugin Auto Featured Image (Auto Post Thumbnail) 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...
📄 WordPress StoryChief 1.0.42 Remote Code Execution
A critical security vulnerability exists in WordPress Story Chief plugin version 1.0.42 that allows unauthenticated attackers to achieve remote code execution by exploiting the webhook featured image functionality...
CVE-2025-12153
The Featured Image via URL plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation function in all versions up to, and including, 0.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on...