CVE-2024-54413 WordPress Display Future Posts plugin <= 0.2.3 - CSRF to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stefan Brandt Display Future Posts allows Stored XSS.This issue affects Display Future Posts: from n/a through 0.2.3...

CVE-2024-54430 WordPress EELV Newsletter plugin <= 4.8.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Europe Ecologie Les Verts EELV Newsletter eelv-newsletter allows Cross Site Request Forgery.This issue affects EELV Newsletter: from n/a through = 4.8.2...

CVE-2024-54431 WordPress Admin Customization plugin <= 2.2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in phpdevp Admin Customization wpp-customization allows Stored XSS.This issue affects Admin Customization: from n/a through = 2.2...

CVE-2024-54431

CVE-2024-54431 is a CSRF-to-Stored-XSS vulnerability in the Admin Customization plugin for Admin Customization: from n/a through 2.2. The issue, described in connected documents as a Cross-Site Request Forgery vulnerability that enables Stored XSS, affects the Admin Customization plugin before or...

CVE-2024-54433

CVE-2024-54433 describes a CSRF vulnerability in the Simple Booking Widget that can lead to stored XSS. Affected software is Simple Booking Widget (version range from n/a through 1.1). Connected sources confirm the issue and indicate patch status as Unpatched; no public exploitation status is pro...

CVE-2024-54439

CVE-2024-54439 is a CSRF to Stored XSS vulnerability in the Amazon Product Price WordPress plugin. Affected software: Amazon Product Price (WordPress). Reported issue links indicate CSRF could trigger Stored XSS, enabling execution of arbitrary scripts in victim sessions. CVSSv3.1 base score 7.1 ...

WordPress plugin Zita Site Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-17590 · WordPress · Import Eventbrite Events

Name of the Vulnerable Software and Affected Versions: Import Eventbrite Events plugin for WordPress versions up to, and including, 1.7.4 Description: The issue is related to Reflected Cross-Site Scripting via the page parameter due to insufficient input sanitization and output escaping. This...

CVE-2024-54234 WordPress Limit Login Attempts plugin <= 5.5 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wp-buy Limit Login Attempts wp-limit-failed-login-attempts allows SQL Injection.This issue affects Limit Login Attempts: from n/a through = 5.5...

CVE-2023-40203 WordPress MailChimp Forms by MailMunch plugin <= 3.1.4 - Broken Access Control

Missing Authorization vulnerability in MailMunch MailChimp Forms by MailMunch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MailChimp Forms by MailMunch: from n/a through 3.1.4...

CVE-2023-39995

CVE-2023-39995 relates to WordPress Portfolio and Projects plugin (versions

CVE-2022-46838

CVE-2022-46838 affects the WordPress plugin JS Help Desk – Best Help Desk & Support Plugin, versions prior to 2.7.1. The issue is a Missing Authorization vulnerability due to an incorrectly configured access control security level, enabling unauthenticated users to perform settings changes. Impac...

WordPress plugin Inactive Logout 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A security vulnerability...

WordPress plugin WP Directory Kit 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin Notibar 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

PT-2024-12956 · Mad Fish Digital · Bulk Noindex & Nofollow Toolkit

Name of the Vulnerable Software and Affected Versions: Mad Fish Digital Bulk NoIndex & NoFollow Toolkit versions 1.42 and earlier Bulk NoIndex & NoFollow Toolkit plugin version 1.42 Description: The issue affects the Bulk NoIndex & NoFollow Toolkit plugin due to a Missing Authorization...

WordPress plugin Image Regenerate & Select Crop 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress plugin CHP Ads Block Detector 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Hash Form plugin <= 1.2.1 - Missing Authorization to Authenticated (Contributor+) Form Style Creation vulnerability

Missing Authorization to Authenticated Contributor+ Form Style Creation vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin Hash Form versions = 1.2.1...

WordPress Increase Sociability plugin <= 1.3.0 - Reflected Cross Site Request Forgery (CSRF) vulnerability

Reflected Cross Site Request Forgery CSRF vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Increase Sociability versions = 1.3.0...