210 matches found
CVE-2025-11377 List category posts <= 0.92.0 - Authenticated (Contributor+) Information Exposure
The List category posts plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 0.92.0 via the 'catlist' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with contributor-level...
CVE-2025-11701
The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...
CVE-2025-11701
CVE-2025-11701 refers to the WordPress plugin Zip Attachments (versions
CVE-2025-11701 Zip Attachments <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure
The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...
CVE-2025-11701 Zip Attachments <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure
The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...
WordPress Zip Attachments plugin <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure vulnerability
Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Zip Attachments versions = 1.6...
EUVD-2025-7403
Malicious code in bioql PyPI...
EUVD-2024-17700
Malicious code in bioql PyPI...
EUVD-2024-16389
Malicious code in bioql PyPI...
EUVD-2025-27058
Malicious code in bioql PyPI...
EUVD-2024-31902
Malicious code in bioql PyPI...
EUVD-2024-16385
Malicious code in bioql PyPI...
CVE-2025-9984
CVE-2025-9984 (FIFU, Featured Image from URL, WordPress) : The FIFU plugin is vulnerable to an unauthorized access exposure due to a missing capability check in fifu_api_debug_posts(). This allows unauthenticated attackers to read private/password protected posts in all versions up to 5.2.7. Conn...
CVE-2025-7368
The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...
CVE-2025-7368 Rehub <= 19.9.7 - Unauthenticated Password Protected Post Disclosure
The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...
CVE-2025-7368 Rehub <= 19.9.7 - Unauthenticated Password Protected Post Disclosure
The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme theme for WordPress is vulnerable to Information Exposure in all versions up to, and including, 19.9.7 via the 'ajaxactionregetfullcontent' function due to insufficient restrictions on which posts can be included. This makes i...
CVE-2025-7368
CVE-2025-7368 — REHub WordPress Theme: Unauthenticated information exposure in REHub up to version 19.9.7 due to insufficient restrictions in the ajax_action_re_getfullcontent path, allowing access to password-protected post data. Affected: REHub Theme for WordPress (versions ≤ 19.9.7). Root caus...
PT-2025-36348
Name of the Vulnerable Software and Affected Versions: REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme versions prior to 19.9.8 Description: The REHub - Price Comparison, Multi Vendor Marketplace Wordpress Theme for WordPress is susceptible to information exposure due to...
WordPress Rehub theme <= 19.9.7 - Unauthenticated Password Protected Post Disclosure vulnerability
Unauthenticated Password Protected Post Disclosure vulnerability discovered by stealthcopter in WordPress Theme Rehub versions = 19.9.7...
CVE-2025-8091
The EventON Lite plugin for WordPress is vulnerable to Information Exposure in all versions less than, or equal to, 2.4.6 via the addsingleeventon and addeventon shortcodes due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated attackers to...