CVE-2024-9017 PeepSo Core: Groups <= 6.4.6.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Group Description

The PeepSo Core: Groups plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Group Description field in all versions up to, and including, 6.4.6.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

WordPress PeepSo Core: Groups plugin <= 6.4.6.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Group Description vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting via Group Description vulnerability discovered by Bikram Kharal in WordPress Plugin PeepSo Core: Groups versions = 6.4.6.0...

CVE-2025-22735 WordPress Tag Cloud Plugin - Tag Groups plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TaxoPress WordPress Tag Cloud Plugin – Tag Groups allows Reflected XSS. This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through 2.0.4...

WordPress FLX Dashboard Groups plugin <= 0.0.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin FLX Dashboard Groups versions = 0.0.7...

CVE-2024-43237 WordPress Tag Groups plugin <= 2.0.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Steve Burge WordPress Tag Cloud Plugin – Tag Groups tag-groups.This issue affects WordPress Tag Cloud Plugin – Tag Groups: from n/a through = 2.0.3...

WordPress Groups Plugin <= 1.4.5 -

This plugin is prone to a negated role capability H&ling elevated privilege issue. Solution Upgrade this plugin...

WordPress File Groups 1.1.2 SQL Injection

Exploit Title: WordPress File Groups plugin getcol"select guid from wpposts where postparent = $fgid";...