CVE-2026-6708

The CVE-2026-6708 entry concerns the WordPress plugin “HEL Online Classroom: AI-powered Online Classrooms” (versions

CVE-2025-69340

CVE-2025-69340 is a Missing Authorization vulnerability in the WordPress plugin WeDesignTech Ultimate Booking Addon (versions up to 1.0.3). The issue enables improper access control (broken/unauthorized access) with a CVSS v3.1 base score of 7.5 (HIGH) and network attack vector with no user inter...

WordPress InteractiveCalculator for WordPress plugin <= 1.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin InteractiveCalculator for WordPress versions = 1.0.3...

WordPress plugin Flaming Password Reset 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

EUVD-2023-44803

Malicious code in bioql PyPI...

EUVD-2023-39779

Malicious code in bioql PyPI...

CVE-2025-57960

CVE-2025-57960 describes a Cross-Site Request Forgery (CSRF) vulnerability in the Travel Map WordPress plugin. The issue affects the Travel Map plugin version range from not specified to 1.0.3 (i.e., vulnerable in Travel Map: from n/a through 1.0.3). The initial data provides a CVSS 3.1 base scor...

CVE-2025-39415

Summary of CVE-2025-39415 (Social Media Links) A CSRF flaw in the WordPress plugin Social Media Links (by Jayesh Parejiya) enables Stored XSS in versions up to 1.0.3 (affected: 0.0 through 1.0.3). Public sources consistently describe the issue as a CSRF that permits injection of stored scripts, w...

CVE-2025-23537 WordPress add custom google tag manager plugin <= 1.0.3 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in Oren hahiashvili add custom google tag manager allows Stored XSS.This issue affects add custom google tag manager: from n/a through 1.0.3...

WordPress plugin Pingmeter Uptime Monitoring 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Alphabetical List 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Bigmart Elements plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Bigmart Elements versions = 1.0.3...

CVE-2023-41853

Cross-Site Request Forgery CSRF vulnerability in WP iCal Availability plugin = 1.0.3 versions...

CVE-2023-40206 WordPress WP 404 Auto Redirect to Similar Post Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post plugin = 1.0.3 versions...

PT-2023-10192 · Webdevstudios · Taxonomy-Switcher Plugin

Name of the Vulnerable Software and Affected Versions: WebDevStudios taxonomy-switcher Plugin versions up to 1.0.3 Description: A problematic issue was found in the WebDevStudios taxonomy-switcher Plugin, affecting the taxonomy switcher init function of the file taxonomy-switcher.php. This issue...

WordPress syndication-links plugin cross-site scripting vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. syndication-links is used in one of the page links to add plug-ins. WordPress syndication-links plugin version 1.0.3 before the...