466 matches found
WordPress Greenshift plugin <= 11.5.5 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin Greenshift versions = 11.5.5...
WordPress MC Woocommerce Wishlist plugin <= 1.9.1 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin MC Woocommerce Wishlist versions = 1.9.1...
WordPress Product Subtitle for WooCommerce plugin <= 1.3.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via htmlTag Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via htmlTag Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Product Subtitle for WooCommerce versions = 1.3.9...
WordPress Map Block Leaflet plugin <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via url Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Map Block Leaflet versions = 3.2.1...
CVE-2024-49231
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cyclop WordPress Video wordpress-video allows Stored XSS.This issue affects WordPress Video: from n/a through = 1.0...
CVE-2024-24929
Cross-Site Request Forgery CSRF vulnerability in Ryan Duff, Peter Westwood WP Contact Form.This issue affects WP Contact Form: from n/a through 1.6...
CVE-2024-50520
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Peter J. Herrel Ancient World Linked Data ancient-world-linked-data-for-wordpress allows DOM-Based XSS.This issue affects Ancient World Linked Data: from n/a through = 0.2.1...
CVE-2023-47650
Cross-Site Request Forgery CSRF vulnerability in Peter Sterling Add Local Avatar.This issue affects Add Local Avatar: from n/a through 12.1...
CVE-2023-44240
Cross-Site Request Forgery CSRF vulnerability in Peter Butler Timthumb Vulnerability Scanner plugin = 1.54 versions...
CVE-2022-47588
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tips and Tricks HQ, Peter Petreski Simple Photo Gallery simple-photo-gallery allows SQL Injection.This issue affects Simple Photo Gallery: from n/a through v1.8.1...
WordPress bunny.net plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Plugin bunny.net versions = 2.3.0...
CVE-2025-46470
Missing Authorization vulnerability in Peter Raschendorfer Smart Hashtags hashtagger hashtagger allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Hashtags hashtagger: from n/a through = 7.2.3...
CVE-2025-46470
CVE-2025-46470 concerns WordPress Smart Hashtags [#hashtagger] plugin (versions up to 7.2.3) with a Missing Authorization vulnerability due to incorrectly configured access control. The public details identify a Medium severity (CVSS 3.1 base 4.3) , exploitable remotely without user interaction. ...
WordPress Tax Switch for WooCommerce plugin <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Tax Switch for WooCommerce versions = 1.4.2...
WordPress Sirat theme <= 1.5.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Theme Sirat versions = 1.5.1...
WordPress Rich Table of Contents plugin <= 1.4.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Rich Table of Contents versions = 1.4.0...
WordPress Cal.com plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Cal.com versions = 1.0.0...
WordPress WP Date and Time Shortcode plugin <= 2.6.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Date and Time Shortcode versions = 2.6.7...
WordPress Fusion plugin <= 1.6.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Fusion versions = 1.6.4...
WordPress Swiss Toolkit For WP plugin <= 1.4.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin Swiss Toolkit For WP versions = 1.4.0...