CVE-2026-1542 Super Stage WP <= 1.0.1 - Unauthenticated PHP Object Injection

The Super Stage WP WordPress plugin through 1.0.1 unserializes user input via REQUEST, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog...

CVE-2025-59007

CVE-2025-59007 describes a Deserialization of Untrusted Data vulnerability in the WordPress plugin TF Woo Product Grid Addon For Elementor (tf-woo-product-grid) up to version 1.0.1. The issue enables Object Injection due to unsafe deserialization of data, with the public records indicating a high...

WordPress plugin WP Responsive Meet The Team 跨站脚本漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...

EUVD-2024-51733

Malicious code in bioql PyPI...

WordPress Rich Text Editor plugin <= 1.0.1 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin Rich Text Editor versions = 1.0.1...

CVE-2025-31623 WordPress Rich Text Editor plugin <= 1.0.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in richtexteditor Rich Text Editor richtexteditor allows Stored XSS.This issue affects Rich Text Editor: from n/a through = 1.0.1...

WordPress Pixobe Cartography plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Pixobe Cartography versions = 1.0.1...

CVE-2025-23629 WordPress Gallerio plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Subhasis Laha Gallerio gallerio allows Reflected XSS.This issue affects Gallerio: from n/a through = 1.0.1...

WordPress Akismet htaccess writer plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Akismet htaccess writer versions = 1.0.1...

Jenkins Subversion Partial Release Manager Plugin Security Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying and automating any project.Jenkins Plugin is a software application. A security vulnerability...

WordPress plugin Button Widget Smartsoft 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...