WordPress Views for WPForms plugin <= 3.4.6 - SQL Injection vulnerability

SQL Injection vulnerability discovered by dodoh4t in WordPress Plugin Views for WPForms versions = 3.4.6...

WordPress plugin Notification for Telegram 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...

CVE-2024-9374

The Terms descriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.4.6. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

WordPress User Meta Manager Plugin Information Disclosure Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. An information disclosure vulnerability exists in the WordPress User Meta Manager plugin version 3.4.6, which allows attacker...