19 matches found
CVE-2026-9723
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
EUVD-2026-33890
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
CVE-2026-9723
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
CVE-2026-9723 Google Plus One Bottom <= 0.0.2 - Cross-Site Request Forgery to Plugin Settings Update via Settings Page
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
CVE-2026-9723 Google Plus One Bottom <= 0.0.2 - Cross-Site Request Forgery to Plugin Settings Update via Settings Page
The Google Plus One Bottom plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.0.2. This is due to missing or incorrect nonce validation on the googlePlusOneAdmin function. This makes it possible for unauthenticated attackers to modify the...
CVE-2026-9723
CVE-2026-9723 affects the WordPress plugin Google Plus One Bottom (versions
WordPress plugin Google Plus One Bottom 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
EUVD-2025-12392
Malicious code in bioql PyPI...
CVE-2025-3866
The Add Google +1 Plus one social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated...
CVE-2025-3866 Add Google +1 (Plus one) social share Button <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Add Google +1 Plus one social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated...
CVE-2025-3866
CVE-2025-3866 affects the WordPress plugin Add Google +1 (Plus One) social share Button, version
CVE-2025-3866 Add Google +1 (Plus one) social share Button <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting
The Add Google +1 Plus one social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated...
WordPress plugin Add Google +1 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Add Google...
PT-2025-17888 · WordPress · Add Google +1 (Plus One) Social Share Button
Name of the Vulnerable Software and Affected Versions: Add Google +1 Plus one social share Button plugin for WordPress version 1.0.0 and earlier Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the google-plus-one-share-button page...
WordPress Add Google +1 (Plus one) social share Button plugin <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Add Google +1 Plus one social share Button versions = 1.0.0...
CVE-2025-46483
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Moss Peadig’s Google +1 Button google-1 allows DOM-Based XSS.This issue affects Peadig’s Google +1 Button: from n/a through = 0.1.2...
CVE-2025-46483 WordPress Peadig’s Google +1 Button <= 0.1.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Moss Peadig’s Google +1 Button allows DOM-Based XSS. This issue affects Peadig’s Google +1 Button: from n/a through 0.1.2...
PT-2025-17796 · Unknown · Peadig'S Google +1 Button
Name of the Vulnerable Software and Affected Versions: Peadig’s Google +1 Button versions 0.1.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This can be exploited through the Peadig’s Google +1 Button...
WordPress Google Plus One Button By KMS 1.5.0 CSRF / XSS
Title: WordPress 'Google 'Plus one' Button by kms' Plugin Version: 1.5.0 Author: Morten Nørtoft, Kenneth Jepsen & Mikkel Vej Date: 2015-06-16 Download: - https://wordpress.org/plugins/google-plus-one-button-by-kms/ - https://plugins.svn.wordpress.org/google-plus-one-button-by-kms/ Notified...