3 matches found
WordPress plugin Add Custom Fields to Media 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2025-7839
CVE-2025-7839 affects the WordPress plugin “Restore Permanently delete Post or Page Data” (versions up to 1.0). The root cause is missing or incorrect nonce validation in the rp_dpo_dpa_ajax_dp_delete_data() function, enabling CSRF. This allows unauthenticated attackers to delete site data by tri...
WordPress MultiVendorX plugin <= 4.2.4 - Missing Authorization to Forged Vendor Profile Deletion Email Sending vulnerability
Missing Authorization to Forged Vendor Profile Deletion Email Sending vulnerability discovered by Tieu Pham Trong Nhan in WordPress Plugin MultiVendorX versions = 4.2.4...