12 matches found
CVE-2026-39690
Missing Authorization vulnerability in Paul Bearne Author Avatars List/Block author-avatars allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Author Avatars List/Block: from n/a through = 2.1.25...
PT-2026-31252
Missing Authorization vulnerability in Paul Bearne Author Avatars List/Block author-avatars allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Author Avatars List/Block: from n/a through = 2.1.25...
EUVD-2025-3008
Malicious code in bioql PyPI...
EUVD-2024-42406
Malicious code in bioql PyPI...
CVE-2025-22804
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paul Bearne Author Avatars List/Block author-avatars allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through = 2.1.23...
CVE-2025-22804
CVE-2025-22804 affects the WordPress plugin Author Avatars List/Block. It is a stored XSS vulnerability exploitable by authenticated users with Contributor+ access (due to insufficient input neutralization in Author Avatars List/Block
CVE-2024-47370 WordPress Author Avatars List/Block plugin <= 2.1.21 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through 2.1.21...
CVE-2024-47370
CVE-2024-47370 affects WordPress plugin Author Avatars List/Block (versions
PT-2024-32588 · Unknown · Paul Bearne Author Avatars List/Block
Name of the Vulnerable Software and Affected Versions: Paul Bearne Author Avatars List/Block versions 2.1.21 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS, which allows Stored XSS. This means an...
CVE-2023-49846
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through 2.1.17...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Paul Bearne Author Avatars List/Block allows Stored XSS.This issue affects Author Avatars List/Block: from n/a through 2.1.17...
CVE-2023-49846
CVE-2023-49846: Stored XSS in WordPress plugin Author Avatars List/Block. Affected versions: