CVE-2026-25402 WordPress Knowledge Base for Documentation, FAQs with AI Assistance plugin <= 16.011.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in echoplugins Knowledge Base for Documentation, FAQs with AI Assistance echo-knowledge-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Knowledge Base for Documentation, FAQs with AI Assistance: from n/a through =...

WordPress plugin Knowledge Base for Documentation, FAQs with AI Assistance 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

PT-2025-54293

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BasePress Knowledge Base documentation & wiki plugin – BasePress allows Stored XSS.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through 2.17.0.1...

WordPress plugin Knowledge Base 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

CVE-2025-7431

The Knowledge Base plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin slug setting in all versions up to, and including, 2.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...

PT-2025-29985 · WordPress · Wp Knowledgebase

Name of the Vulnerable Software and Affected Versions: Knowledge Base plugin for WordPress versions prior to 2.3.2 Description: The Knowledge Base plugin for WordPress is susceptible to Stored Cross-Site Scripting via the plugin slug setting due to insufficient input sanitization and output...

CVE-2025-5533 Knowledge Base <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Knowledge Base plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'kbalert' shortcode in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2025-5533 Knowledge Base <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Knowledge Base plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'kbalert' shortcode in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

PT-2025-24036 · WordPress · Wp Knowledgebase

Name of the Vulnerable Software and Affected Versions: Knowledge Base plugin for WordPress versions prior to 2.3.0 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the kbalert shortcode. This allows authenticated attackers with...

WordPress plugin Knowledge Base 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2024-10664 Knowledge Base documentation & wiki plugin – BasePress Docs <= 2.16.3.3 - Missing Authorization to Authenticated (Subscriber+) Database Update

The Knowledge Base documentation & wiki plugin – BasePress Docs plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the basepressdbpostsupdate function in all versions up to, and including, 2.16.3.3. This makes it possible for authenticated...

PT-2024-39146 · WordPress · The Kb Support – Wordpress Help Desk/Knowledge Base

Name of the Vulnerable Software and Affected Versions: The KB Support – WordPress Help Desk and Knowledge Base plugin for WordPress versions up to, and including, 1.6.6 Description: The issue allows unauthorized access and modification of data due to a missing capability check on the kbs ajax loa...

CVE-2024-33590 WordPress basepress plugin <= 2.16.1 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in codeSavory Knowledge Base documentation & wiki plugin – BasePress.This issue affects Knowledge Base documentation & wiki plugin – BasePress: from n/a through 2.16.1...