WordPress plugin AMP for WP – Accelerated Mobile Pages 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...

EUVD-2025-11709

Malicious code in bioql PyPI...

CVE-2024-1043

The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'amppbremovesavedlayoutdata' function in all versions up to, and including, 1.0.93.1. This makes it possible for authenticated attackers, with...

CVE-2025-32625

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pootlepress Mobile Pages mobile-pages allows Reflected XSS.This issue affects Mobile Pages: from n/a through = 1.0.2...

CVE-2025-32625

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pootlepress Mobile Pages mobile-pages allows Reflected XSS.This issue affects Mobile Pages: from n/a through = 1.0.2...

CVE-2025-32625 WordPress Mobile Blocks Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pootlepress Mobile Pages allows Reflected XSS. This issue affects Mobile Pages: from n/a through 1.0.2...

CVE-2025-32625 WordPress Mobile Blocks Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in pootlepress Mobile Pages mobile-pages allows Reflected XSS.This issue affects Mobile Pages: from n/a through = 1.0.2...

WordPress plugin Mobile Pages 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

PT-2025-17143 · Pootlepress · Pootlepress Mobile Pages

Name of the Vulnerable Software and Affected Versions: pootlepress Mobile Pages versions 1.0.0 through 1.0.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacke...

WordPress Mobile Blocks Plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Mobile Pages versions = 1.0.2...

PT-2024-16863 · WordPress · Amp For Wp

Name of the Vulnerable Software and Affected Versions: AMP for WP – Accelerated Mobile Pages plugin for WordPress versions prior to 1.1.2 Description: The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the disqus name parameter due t...

CVE-2024-47318

Missing Authorization vulnerability in Magazine3 PWA for WP & AMP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PWA for WP & AMP: from n/a through 1.7.72...

CVE-2024-43146 WordPress Accelerated Mobile Pages plugin <= 1.0.96.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ahmed Kaludi, Mohammed Kaludi AMP for WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AMP for WP: from n/a through 1.0.96.1...

CVE-2024-43146 WordPress Accelerated Mobile Pages plugin <= 1.0.96.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ahmed Kaludi, Mohammed Kaludi AMP for WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AMP for WP: from n/a through 1.0.96.1...

WordPress plugin AMP for WP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-9598

The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.99.1. This is due to missing or incorrect nonce validation on the 'proxy' function. This makes it possible for unauthenticated attackers to send the...

WordPress Accelerated Mobile Pages plugin <= 1.0.96.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin AMP for WP versions = 1.0.96.1...

CVE-2024-6896 AMP for WP – Accelerated Mobile Pages <= 1.0.96.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

The AMP for WP – Accelerated Mobile Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.96.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2024-37937 · WordPress · Amp For Wp – Accelerated Mobile Pages

Name of the Vulnerable Software and Affected Versions: AMP for WP – Accelerated Mobile Pages plugin for WordPress versions up to, and including, 1.0.96.1 Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output escapin...

WordPress Plugin AMP for WP Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...