PT-2025-30118 · WordPress · Vchasno Kasa

Name of the Vulnerable Software and Affected Versions: Vchasno Kasa plugin for WordPress versions up to and including 1.0.3 Description: The Vchasno Kasa plugin for WordPress is susceptible to unauthorized data access due to a missing capability check within the mrkv vchasno kasa wc do metabox...

PT-2023-30372 · WordPress · I Thirteen Web Solution Post Sliders & Post Grids

Name of the Vulnerable Software and Affected Versions: I Thirteen Web Solution Post Sliders & Post Grids plugin versions = 1.0.20 Description: The issue is related to an Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with administrative access can...

PT-2023-15965 · WordPress · The User Post Gallery - Upg

Name of the Vulnerable Software and Affected Versions: The User Post Gallery - UPG plugin for WordPress versions up to, and including 2.19 Description: The issue allows for authorization bypass, leading to remote command execution due to the use of a nopriv AJAX action and user-supplied function...

PT-2022-21909 · WordPress · Wp Humans.Txt

Name of the Vulnerable Software and Affected Versions: WP Humans.txt WordPress plugin versions 1.0.0 through 1.0.6 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is...