72 matches found
CVE-2025-14608
The WP Last Modified Info plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.5. This is due to the plugin not validating a user's access to a post before modifying its metadata in the 'bulksave' AJAX action. This makes it possible for...
CVE-2025-14608
CVE-2025-14608 — WP Last Modified Info (WordPress plugin) affects WP Last Modified Info versions
CVE-2025-14608 WP Last Modified Info <= 1.9.5 - Insecure Direct Object Reference to Authenticated (Author+) Post Metadata Modification
The WP Last Modified Info plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.5. This is due to the plugin not validating a user's access to a post before modifying its metadata in the 'bulksave' AJAX action. This makes it possible for...
WordPress plugin WP Last Modified Info 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-8047
The WP Last Modified Info plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.5. This is due to the plugin not validating a user's access to a post before modifying its metadata in the 'bulk save' AJAX action. This makes it possible for...
WordPress WP Last Modified Info plugin <= 1.9.5 - Insecure Direct Object Reference to Authenticated (Author+) Post Metadata Modification vulnerability
Insecure Direct Object Reference to Authenticated Author+ Post Metadata Modification vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin WP Last Modified Info versions = 1.9.5...
Exploit for Improper Authentication in Oracle Concurrent_Processing
CVE-2025-61882 & CVE-2025-61884 EDIT: Oracle just disclose...
CVE-2025-62968
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Stored XSS.This issue affects WP Last Modified Info: from n/a through = 1.9.2...
CVE-2025-62968
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Stored XSS.This issue affects WP Last Modified Info: from n/a through = 1.9.2...
CVE-2025-62968
CVE-2025-62968 is a Stored XSS vulnerability in the WordPress plugin WP Last Modified Info (wp-last-modified-info) due to improper input neutralization during web page generation. Affected range is WP Last Modified Info: from n/a through
EUVD-2025-35977
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Stored XSS.This issue affects WP Last Modified Info: from n/a through = 1.9.2...
CVE-2025-62968 WordPress WP Last Modified Info plugin <= 1.9.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Stored XSS.This issue affects WP Last Modified Info: from n/a through = 1.9.2...
CVE-2025-62968 WordPress WP Last Modified Info plugin <= 1.9.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Stored XSS.This issue affects WP Last Modified Info: from n/a through = 1.9.2...
PT-2025-43840
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Stored XSS.This issue affects WP Last Modified Info: from n/a through = 1.9.2...
WordPress plugin WP Last Modified Info security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2025-52756
Improper Control of Generation of Code 'Code Injection' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Remote Code Inclusion.This issue affects WP Last Modified Info: from n/a through = 1.9.4...
EUVD-2025-35479
Improper Control of Generation of Code 'Code Injection' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Remote Code Inclusion.This issue affects WP Last Modified Info: from n/a through = 1.9.2...
CVE-2025-52756
Improper Control of Generation of Code 'Code Injection' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Remote Code Inclusion.This issue affects WP Last Modified Info: from n/a through = 1.9.4...
CVE-2025-52756 WordPress WP Last Modified Info plugin <= 1.9.4 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Remote Code Inclusion.This issue affects WP Last Modified Info: from n/a through = 1.9.4...
CVE-2025-52756
The CVE-2025-52756 entry describes a Remote Code Inclusion/Execution vulnerability in the WordPress plugin WP Last Modified Info. Affected versions are listed as