WordPress Themify Event Post plugin <= 1.3.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim in WordPress Plugin Themify Event Post versions = 1.3.4...

CVE-2025-68058 WordPress Institutions Directory plugin <= 1.3..4 - Broken Access Control vulnerability

Missing Authorization vulnerability in e-plugins Institutions Directory institutions-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Institutions Directory: from n/a through = 1.3..4...

WordPress Institutions Directory plugin <= 1.3.4 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Institutions Directory versions = 1.3.4...

CVE-2025-68053

CVE-2025-68053 concerns the WordPress plugin xPromoter (LambertGroup)

EUVD-2025-27716

Malicious code in bioql PyPI...

WordPress Social Rocket plugin <= 1.3.4 - Missing Authorization to Settings Update vulnerability

Missing Authorization to Settings Update vulnerability discovered by WordFence in WordPress Plugin Social Rocket versions = 1.3.4...

CVE-2023-32957

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Dazzlersoft Team Members Showcase plugin = 1.3.4 versions...

CVE-2022-38356

Cross-Site Request Forgery CSRF vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin = 1.3.4 versions...