CVE-2026-25432 WordPress Omnipress plugin <= 1.6.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This issue affects Omnipress: from n/a through = 1.6.7...

CVE-2026-25432 WordPress Omnipress plugin <= 1.6.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in omnipressteam Omnipress omnipress allows Stored XSS.This issue affects Omnipress: from n/a through = 1.6.7...

WordPress Omnipress plugin <= 1.6.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 in WordPress Plugin Omnipress versions = 1.6.7...

CVE-2026-24538 WordPress Omnipress plugin <= 1.6.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in omnipressteam Omnipress omnipress allows PHP Local File Inclusion.This issue affects Omnipress: from n/a through = 1.6.7...

WordPress plugin Omnipress has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Omnipress plugin <= 1.6.5 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Kai Aizen in WordPress Plugin Omnipress versions = 1.6.5...

Exploit for CVE-2025-12163

CVE-2025-12163: Stored Cross-Site Scripting in Omnipress WordP...

CVE-2025-12163

The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to...

CVE-2025-12163

CVE-2025-12163 affects the Omnipress WordPress plugin (versions ≤ 1.6.3). It describes a stored cross-site scripting vulnerability via SVG file uploads, caused by insufficient input sanitization and output escaping. Exploitation requires Author-level access or higher, and payloads can execute in ...

EUVD-2025-201382

The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to...

CVE-2025-12163 Omnipress <= 1.6.3 - Authenticated (Author+) Stored Cross-Site Scripting

The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to...

CVE-2025-12163 Omnipress <= 1.6.5 - Authenticated (Author+) Stored Cross-Site Scripting

The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to...

PT-2025-49204

The Omnipress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to...

WordPress plugin Omnipress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...

CVE-2024-13407

The Omnipress plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.5.4 via the megamenu block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above,...

CVE-2024-13407

CVE-2024-13407 (Omnipress WordPress plugin) affects Omnipress plugin versions up to and including 1.5.4. The vulnerability is information exposure via the megamenu block, caused by insufficient restrictions on which posts can be included. An authenticated attacker with Contributor level access or...

CVE-2024-13407 Omnipress <= 1.5.4 - Authenticated (Contributor+) Post Disclosure

The Omnipress plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.5.4 via the megamenu block due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above,...

WordPress plugin Omnipress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-49278 WordPress Omnipress plugin <= 1.4.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in omnipressteam Omnipress allows Stored XSS.This issue affects Omnipress: from n/a through 1.4.3...

WordPress plugin Omnipress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...