CVE-2025-1911

CVE-2025-1911 (Product Import Export for WooCommerce – Import Export Product CSV Suite, WordPress) . The vulnerability arises from insufficient file path validation in the admin_log_page() function, allowing a directory traversal to occur. This enables an authenticated attacker with Administrator...

WordPress plugin canvasio3D Light 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2023-25471 WordPress WCP OpenWeather Plugin <= 2.5.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Webcodin WCP OpenWeather plugin = 2.5.0 versions...

WordPress 信息泄露漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A security vulnerability exists in the WordPress plugin...

WordPress Plugin leenk.me 2.5.0 - Cross-Site Request Forgery Cross-Site Scripting

WordPress Plugin leenk.me 2.5.0 - Cross-Site Request Forgery Cross-Site Scripting I would like to disclose CSRF and stored XSS vulnerability in Wordpress plugin LeenkMe version 2.5.0. The plugin can be found at https://wordpress.org/plugins/leenkme/ In the page...