WordPress B Slider - Gutenberg Slider Block for WP plugin code execution vulnerability

WordPress B Slider - Gutenberg Slider Block for WP plugin is a core editor plugin that comes with WordPress and is part of the Gutenberg editor that was introduced in WordPress version 5.9. A code execution vulnerability exists in WordPress B Slider- Gutenberg Slider Block for WP plugin, which...

CVE-2022-3880

The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan WordPress plugin before 4.20 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and activate arbitrary plugins fro...

CVE-2021-24194

Low privileged users can use the AJAX action 'cppluginsdobuttonjoblatercallback' in the Login Protection - Limit Failed Login Attempts WordPress plugin before 2.9, to install any plugin including a specific version from the WordPress repository, as well as activate arbitrary plugin from then blog...

PT-2025-18139 · WordPress · Secupress Free

Name of the Vulnerable Software and Affected Versions: SecuPress Free — WordPress Security plugin versions up to, and including, 2.3.9 Description: The issue allows authenticated attackers with Subscriber-level access and above to install arbitrary plugins due to a missing capability check on the...