CVE-2026-39652 WordPress iGMS Direct Booking plugin <= 1.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in igms iGMS Direct Booking igms-direct-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iGMS Direct Booking: from n/a through = 1.3...

WordPress plugin Smart WeTransfer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

CVE-2025-57943

CVE-2025-57943 describes a Server-Side Request Forgery (SSRF) in the WordPress plugin Skimlinks Affiliate Marketing Tool (skimlinks). The issue affects the plugin as installed in versions from n/a through

WordPress plugin Simple Price Calculator 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Page Transition 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress和WordPress plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

WordPress plugin WooCommerce Product Multi-Action 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

CVE-2023-23727

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Formilla Live Chat by Formilla plugin = 1.3 versions...

WordPress plugin Visual Header 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-23660 WordPress MFPlugin plugin <= 1.3 - CSRF to Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in Walter Cerrudo MFPlugin allows Stored XSS.This issue affects MFPlugin: from n/a through 1.3...

WordPress plugin Site PIN 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2023-27628

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Webvitaly Sitekit plugin = 1.3 versions...

CVE-2023-35092

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Abhay Yadav Breadcrumb simple plugin = 1.3 versions...

WordPress Claptastic clap! Button plugin has multiple cross-site scripting vulnerabilities

WordPress is a blogging platform developed in PHP by the WordPress Software Foundation.Claptastic clap! Button is one of the button plugins that selects everyone's favorite content by readers clicking on different buttons. WordPress Claptastic clap! Button plugin version 1.3 has multiple cross-si...