EUVD-2025-3573

Malicious code in bioql PyPI...

CVE-2025-23963

Missing Authorization vulnerability in flymke Mark Posts mark-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through = 2.2.4...

CVE-2025-23963

Missing Authorization vulnerability in flymke Mark Posts mark-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through = 2.2.4...

WordPress Mark Posts plugin <= 2.2.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Mark Posts versions = 2.2.4...

WordPress plugin Mark Posts 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

SUSE CVE-2016-3734

Cross-site request forgery CSRF vulnerability in markposts.php in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13 and earlier allows remote attackers to hijack the authentication of users for requests that marks forum posts as read...

CVE-2022-40205

Insecure direct object references IDOR vulnerability in the wpForo Forum plugin = 2.0.5 on WordPress allows attackers with subscriber or higher user roles to mark any forum post as solved/unsolved...

PT-2022-25282 · WordPress · Wpforo Forum

Name of the Vulnerable Software and Affected Versions: wpForo Forum plugin versions = 2.0.5 Description: The issue is related to an insecure direct object references IDOR vulnerability. This vulnerability allows attackers with subscriber or higher user roles to mark any forum post as solved or...

WordPress plugin wpForo Forum 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Mark Posts plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Mark Posts plugin has a cross-site scripting...

CVE-2022-0958

The Mark Posts WordPress plugin before 2.0.1 does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-0958

The Mark Posts WordPress plugin before 2.0.1 does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

Cross site scripting

The Mark Posts WordPress plugin before 2.0.1 does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-0958

CVE-2022-0958 affects the WordPress Mark Posts plugin prior to version 2.0.1, where the plugin does not escape new markers, enabling stored Cross-Site Scripting by high-privilege users (e.g., admins) when the unfiltered_html capability is disallowed. This is documented across multiple sources (NV...

CVE-2022-0958 Mark Posts < 2.0.1 - Admin+ Stored Cross-Site Scripting

The Mark Posts WordPress plugin before 2.0.1 does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

WordPress plugin Mark Posts 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Mark Posts plugin has a cross-site scripting...

Mark Posts < 2.0.1 - Admin+ Stored Cross-Site Scripting

The plugin does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed Put the following payload in the 'Add new markers' settings of the plugin: "autofocus onfocus=alert/XSS/ b=...

WordPress Mark Posts plugin <= 2.0.0 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by fuzzyap1 in WordPress Mark Posts plugin versions = 2.0.0. Solution Update the WordPress Mark Posts plugin to the latest available version at least 2.0.1...

Mark Posts < 2.0.1 - Admin+ Stored Cross-Site Scripting

The plugin does not escape new markers, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC Put the following payload in the 'Add new markers' settings of the plugin: "autofocus onfocus=alert/XSS/ b=...