Lucene search
K

591 matches found

CNNVD
CNNVD
added 2025/12/31 12:0 a.m.3 views

WordPress plugin Add Featured Image Custom Link 跨站脚本漏洞

...

5.9CVSS6.8AI score0.00176EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.8 views

PT-2025-54371

Name of the Vulnerable Software and Affected Versions Aum Watcharapon Featured Image Generator versions through 1.3.3 Description An authorization issue exists in Aum Watcharapon Featured Image Generator due to incorrectly configured access control security levels. This allows for an authorizatio...

5.3CVSS6.5AI score0.00176EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/30 6:30 p.m.2 views

EUVD-2025-205811

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeFlavors Featured Video for WordPress & VideographyWP allows Stored XSS.This issue affects Featured Video for WordPress & VideographyWP: from n/a through 1.0.18...

6.5CVSS5.5AI score0.00127EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/12/30 4:13 p.m.1 views

CVE-2025-62746 WordPress Featured Video for WordPress – VideographyWP plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeFlavors Featured Video for WordPress VideographyWP videographywp allows Stored XSS.This issue affects Featured Video for WordPress VideographyWP: from n/a through = 1.0.18...

6.5CVSS5.2AI score0.00127EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/30 4:13 p.m.24 views

CVE-2025-62746 WordPress Featured Video for WordPress – VideographyWP plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CodeFlavors Featured Video for WordPress – VideographyWP videographywp allows Stored XSS.This issue affects Featured Video for WordPress – VideographyWP: from n/a through = 1.0.18...

6.5CVSS0.00127EPSS
Exploits0References1
CVE
CVE
added 2025/12/30 4:13 p.m.8 views

CVE-2025-62746

The CVE-2025-62746 entry is backed by a connected Wordfence vulnerability report for the WordPress plugin/extension Featured Video for WordPress – VideographyWP. It states an Authenticated Stored Cross-Site Scripting (XSS) flaw affecting the product when using versions up to 1.0.18 (the issue is ...

6.5CVSS5.2AI score0.00127EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/30 4:12 p.m.6 views

WordPress Featured Video for WordPress – VideographyWP plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Featured Video for WordPress VideographyWP versions = 1.0.18...

6.5CVSS5.9AI score0.00127EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/30 12:0 a.m.3 views

PT-2025-54186

Name of the Vulnerable Software and Affected Versions CodeFlavors Featured Video for WordPress & VideographyWP versions through 1.0.18 Description The software contains a flaw related to improper input handling during web page generation, specifically a Stored Cross-site Scripting issue. This...

6.5CVSS7AI score0.00127EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.2 views

WordPress plugin Featured Video for WordPress & VideographyWP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

6.5CVSS5.7AI score0.00127EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/17 8:7 a.m.5 views

CVE-2025-13794

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS5.1AI score0.00287EPSS
Exploits0References1
NVD
NVD
added 2025/12/16 6:15 a.m.4 views

CVE-2025-13794

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS0.00287EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/16 5:25 a.m.4 views

EUVD-2025-203499

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS4.6AI score0.00287EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/16 5:25 a.m.2 views

CVE-2025-13794 Auto Featured Image <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS4.7AI score0.00287EPSS
Exploits0References3
CVE
CVE
added 2025/12/16 5:25 a.m.8 views

CVE-2025-13794

CVE-2025-13794 affects the Auto Featured Image (Auto Post Thumbnail) WordPress plugin. Versions up to and including 4.2.1 are vulnerable due to a missing capability check in bulk_action_generate_handler, enabling an authenticated user with Contributor-level access or higher to delete or generate ...

4.3CVSS4.7AI score0.00287EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/16 5:25 a.m.29 views

CVE-2025-13794 Auto Featured Image <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification

The Auto Featured Image Auto Post Thumbnail plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the bulkactiongeneratehandler function in all versions up to, and including, 4.2.1. This makes it possible for authenticated attackers, with...

4.3CVSS0.00287EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/12/16 12:37 a.m.6 views

WordPress Auto Featured Image plugin <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification vulnerability

Missing Authorization to Authenticated Contributor+ Post Thumbnail Modification vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Auto Featured Image Auto Post Thumbnail versions = 4.2.1...

4.3CVSS6.7AI score0.00287EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/16 12:0 a.m.5 views

PT-2025-51372

Name of the Vulnerable Software and Affected Versions Auto Featured Image Auto Post Thumbnail plugin for WordPress versions through 4.2.1 Description The Auto Featured Image Auto Post Thumbnail plugin for WordPress has a flaw that allows unauthorized modification of data. A missing capability che...

4.3CVSS6.2AI score0.00287EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/16 12:0 a.m.4 views

WordPress plugin Auto Featured Image (Auto Post Thumbnail) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS6.3AI score0.00287EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2025/12/09 12:0 a.m.160 views

📄 WordPress StoryChief 1.0.42 Remote Code Execution

A critical security vulnerability exists in WordPress Story Chief plugin version 1.0.42 that allows unauthenticated attackers to achieve remote code execution by exploiting the webhook featured image functionality...

9.8CVSS8.3AI score0.37349EPSS
Exploits8
RedhatCVE
RedhatCVE
added 2025/12/06 5:54 a.m.5 views

CVE-2025-12153

The Featured Image via URL plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation function in all versions up to, and including, 0.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload arbitrary files on...

8.8CVSS7.3AI score0.00462EPSS
Exploits0References1
Rows per page
Query Builder