CVE-2025-23905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Johannes van Poelgeest Admin Options Pages admin-options-pages allows Reflected XSS.This issue affects Admin Options Pages: from n/a through = 0.9.7...

CVE-2025-60208

Cross-Site Request Forgery CSRF vulnerability in Tusko Trush Advanced Custom Fields : CPT Options Pages acf-cpt-options-pages allows Object Injection.This issue affects Advanced Custom Fields : CPT Options Pages: from n/a through = 2.0.9...

CVE-2025-60208

Cross-Site Request Forgery CSRF vulnerability in Tusko Trush Advanced Custom Fields : CPT Options Pages acf-cpt-options-pages allows Object Injection.This issue affects Advanced Custom Fields : CPT Options Pages: from n/a through = 2.0.9...

CVE-2025-60208 WordPress Advanced Custom Fields : CPT Options Pages plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tusko Trush Advanced Custom Fields : CPT Options Pages acf-cpt-options-pages allows Object Injection.This issue affects Advanced Custom Fields : CPT Options Pages: from n/a through = 2.0.9...

CVE-2025-60208 WordPress Advanced Custom Fields : CPT Options Pages plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tusko Trush Advanced Custom Fields : CPT Options Pages acf-cpt-options-pages allows Object Injection.This issue affects Advanced Custom Fields : CPT Options Pages: from n/a through = 2.0.9...

CVE-2025-60208

CVE-2025-60208 concerns the WordPress plugin Advanced Custom Fields: CPT Options Pages (acp-cpt-options-pages) up to version 2.0.9. Multiple connected sources confirm a Cross-Site Request Forgery (CSRF) vulnerability that enables Object Injection. The issue affects versions listed as n/a through

WordPress plugin Advanced Custom Fields : CPT Options Pages Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

EUVD-2025-3521

Malicious code in bioql PyPI...

WordPress Advanced Custom Fields : CPT Options Pages plugin <= 2.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Najib Sinjari in WordPress Plugin Advanced Custom Fields : CPT Options Pages versions = 2.0.9...

CVE-2025-23905

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Johannes van Poelgeest Admin Options Pages admin-options-pages allows Reflected XSS.This issue affects Admin Options Pages: from n/a through = 0.9.7...

CVE-2025-23905 WordPress Admin Options Pages plugin <= 0.9.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Johannes van Poelgeest Admin Options Pages admin-options-pages allows Reflected XSS.This issue affects Admin Options Pages: from n/a through = 0.9.7...

CVE-2025-23905 WordPress Admin Options Pages plugin <= 0.9.7 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Johannes van Poelgeest Admin Options Pages admin-options-pages allows Reflected XSS.This issue affects Admin Options Pages: from n/a through = 0.9.7...

CVE-2025-23905

CVE-2025-23905 is a reflected Cross-Site Scripting vulnerability in the WordPress plugin Admin Options Pages (affected: 0.9.7 and earlier). The underlying issue is improper neutralization of input during web page generation. Several connected sources (Red Hat RH:CVE-2025-23905, NVD entry) confirm...

PT-2025-7017 · Unknown · Johannes Van Poelgeest Admin Options Pages

Name of the Vulnerable Software and Affected Versions: Johannes van Poelgeest Admin Options Pages versions 0.9.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means...

WordPress plugin Admin Options Pages 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

WordPress Admin Options Pages plugin <= 0.9.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana in WordPress Plugin Admin Options Pages versions = 0.9.7...

WordPress Photoswipe Masonry Gallery plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Photoswipe Masonry Gallery plugin has a cross-site scripting vulnerability, which can be exploited by...

WordPress plugin Controlled Admin Access访问控制错误漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A security vulnerability exists in the Controlled Admin...

DEBIAN-CVE-2007-4154

SQL injection vulnerability in options.php in WordPress 2.2.1 allows remote authenticated administrators to execute arbitrary SQL commands via the pageoptions parameter to 1 options-general.php, 2 options-writing.php, 3 options-reading.php, 4 options-discussion.php, 5 options-privacy.php, 6...