8 matches found
CVE-2026-4120
The Info Cards – Add Text and Media in Card Layouts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnUrl' parameter within the Info Cards block in all versions up to, and including, 2.0.7. This is due to insufficient input validation on URL schemes, specifically the...
WordPress Info Cards plugin <= 2.0.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block Attributes vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Block Attributes vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin Info Cards versions = 2.0.7...
CVE-2026-4120
The Info Cards – Add Text and Media in Card Layouts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the btnUrl parameter in the Info Cards block for all versions up to 2.0.7. Insufficient input validation on URL schemes allows javascript: URLs to slip through the JSON data p...
PT-2026-26259
The Info Cards – Add Text and Media in Card Layouts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'btnUrl' parameter within the Info Cards block in all versions up to, and including, 2.0.7. This is due to insufficient input validation on URL schemes, specifically the...
WordPress plugin Info Cards – Add Text and Media in Card Layouts 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...
CVE-2025-54711
CVE-2025-54711 concerns a Missing Authorization vulnerability in the WordPress plugin Info Cards (versions
CVE-2025-54711 WordPress Info Cards Plugin <= 1.0.11 - Broken Access Control Vulnerability
Missing Authorization vulnerability in bPlugins Info Cards info-cards allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Info Cards: from n/a through = 1.0.11...
WordPress plugin Info Cards 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...