1398 matches found
WISDOM Pegasus CMS 路径遍历漏洞
WISDOM Pegasus CMS is a content management system developed by the Australian company WISDOM. Version 1.0 of WISDOM Pegasus CMS has a path traversal vulnerability. This vulnerability stems from a remote code execution vulnerability in the extrafields.php plugin, which may allow unverified attacke...
GHSA-4Q27-4RRQ-FX95 AVideo: CSRF on Player Skin Configuration via admin/playerUpdate.json.php
Severity: Medium CWE: CWE-352 Cross-Site Request Forgery Summary The player skin configuration endpoint at admin/playerUpdate.json.php does not validate CSRF tokens. The plugins table is explicitly excluded from the ORM's domain-based security check via ignoreTableSecurityCheck, removing the only...
PT-2026-28214
Name of the Vulnerable Software and Affected Versions WP Lightbox 2 WordPress plugin versions prior to 3.0.7 Description The WP Lightbox 2 WordPress plugin does not properly sanitise and escape certain settings. This could allow users with high privileges, such as administrators, to carry out...
WordPress plugin Creator LMS 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Bus Ticket Booking with Seat Reservation 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...
WordPress plugin Beelove 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
WordPress plugin Ultimate Post Kit 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...
WordPress plugin wpDiscuz 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...
WordPress plugin RegistrationMagic 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...
WordPress plugin Envo Extra 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress Handmade Framework plugin <= 3.9 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Handmade Framework versions = 3.9...
WordPress plugin Aldo 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Jetpack CRM 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
WordPress plugin Cartify 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-25323
CVE-2026-25323 affects WordPress OSM plugin versions
WordPress SiteOrigin Widgets Bundle plugin <= 1.70.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Shortcode Execution vulnerability discovered by bashu - KCSC in WordPress Plugin SiteOrigin Widgets Bundle versions = 1.70.4...
WordPress plugin Media Library Folders 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
CVE-2026-1570 Simple Bible Verse via Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Simple Bible Verse via Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's verse shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Sync Master Sheet – Product Sync with Google Sheet for WooCommerce plugin <= 1.1.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by NumeX in WordPress Plugin Sync Master Sheet Product Sync with Google Sheet for WooCommerce versions = 1.1.3...
WordPress plugin SEO Flow by LupsOnline 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...