WordPress iControlWP plugin <= 5.5.3 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin iControlWP versions = 5.5.3...

EUVD-2023-35115

Malicious code in bioql PyPI...

CVE-2023-30751

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in iControlWP Article Directory Redux plugin = 1.0.2 versions...

CVE-2024-13742

The iControlWP – Multiple WordPress Site Manager plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.5 via deserialization of untrusted input from the reqpars parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. N...

CVE-2024-13742 iControlWP – Multiple WordPress Site Manager <= 4.4.5 - Unauthenticated PHP Object Injection

The iControlWP – Multiple WordPress Site Manager plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.5 via deserialization of untrusted input from the reqpars parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. N...

CVE-2024-13742 iControlWP – Multiple WordPress Site Manager <= 4.4.5 - Unauthenticated PHP Object Injection

The iControlWP – Multiple WordPress Site Manager plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.4.5 via deserialization of untrusted input from the reqpars parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. N...

CVE-2024-13742

CVE-2024-13742: iControlWP – Multiple WordPress Site Manager plugin (

WordPress iControlWP – Multiple WordPress Site Manager plugin <= 4.4.5 - Unauthenticated PHP Object Injection vulnerability

Unauthenticated PHP Object Injection vulnerability discovered by Krzysztof Zając in WordPress Plugin iControlWP versions = 4.4.5...

WordPress plugin iControlWP 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

PT-2025-2262 · WordPress · Icontrolwp

Name of the Vulnerable Software and Affected Versions: iControlWP – Multiple WordPress Site Manager plugin for WordPress versions up to, and including, 4.4.5 Description: The issue is related to PHP Object Injection via deserialization of untrusted input from the reqpars parameter. This allows...

CVE-2023-30751

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in iControlWP Article Directory Redux plugin = 1.0.2 versions...

CVE-2023-30751

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in iControlWP Article Directory Redux plugin = 1.0.2 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in iControlWP Article Directory Redux plugin = 1.0.2 versions...

CVE-2023-30751

CVE-2023-30751 affects the WordPress plugin Article Directory Redux (iControlWP Article Directory Redux) versions ≤ 1.0.2. It is described as an Authenticated Stored XSS vulnerability that an administrator can exploit via the plugin’s input handling. Impact is characterized as low for confidentia...

CVE-2023-30751 WordPress Article Directory Redux Plugin <= 1.0.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in iControlWP Article Directory Redux plugin = 1.0.2 versions...

PT-2023-22954 · WordPress · Icontrolwp Article Directory Redux

Name of the Vulnerable Software and Affected Versions: iControlWP Article Directory Redux plugin versions 1.0.2 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin access can inject malicious scrip...