WordPress Links in Captions plugin <= 1.2 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Links in Captions versions = 1.2...

WordPress Dynamic URL SEO plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Dynamic URL SEO versions = 1.0...

WordPress Visitor Details plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Visitor Details versions = 1.0.1...

WordPress Yahoo BOSS Plugin <= 0.7 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Yahoo BOSS versions = 0.7...

WordPress Like dislike plus counter plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Tri Doan in WordPress Plugin Like dislike plus counter versions = 1.0...

WordPress plugin Zalomení 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Starter Templates by FancyWP plugin <= 2.0.0 - Unauthenticated Blind Server-Side Request Forgery vulnerability

Unauthenticated Blind Server-Side Request Forgery vulnerability discovered by Francesco Carlucci in WordPress Plugin Starter Templates by FancyWP versions = 2.0.0...

WordPress Alex Reservations: Smart Restaurant Booking plugin <= 2.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by zakaria in WordPress Plugin Alex Reservations versions = 2.0.5...

WordPress Social Share Buttons for WordPress plugin <= 2.7 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Social Share Buttons for WordPress versions = 2.7...

WordPress Morkva UA Shipping plugin <= 1.0.18 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Morkva UA Shipping versions = 1.0.18...

WordPress plugin Google Captcha 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-10633 Quiz Maker Business, Developer, and Agency <= (Multiple Versions) - Unauthenticated Arbitrary Shortcode Execution via content

The Quiz Maker Business, Developer, and Agency plugins for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.8.0 Business, up to, and including, 21.8.0 Developer, and up to, and including, 31.8.0 Agency. This is due to the software allowing users to...

WordPress Precious Metals Charts and Widgets for WordPress plugin <= 1.2.8 - Authenticated (Contributor+) Stored Cross-site Scripting vulnerability

Authenticated Contributor+ Stored Cross-site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Precious Metals Charts and Widgets for WordPress versions = 1.2.8...

WordPress Radius Blocks – WordPress Gutenberg Blocks Plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Tran Nguyen Bao Khanh in WordPress Plugin Radius Blocks versions = 2.1.2...

WordPress plugin Sticky Buttons 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

WordPress plugin Post Duplicator 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-23803 WordPress Snippy Plugin <= 1.4.1 - CSRF to Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Rik Schennink Snippy snippy allows Reflected XSS.This issue affects Snippy: from n/a through = 1.4.1...

CVE-2025-23720 WordPress Web Push plugin <= 1.4.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Marco Castelluccio Web Push web-push allows Stored XSS.This issue affects Web Push: from n/a through = 1.4.0...

CVE-2025-23471 WordPress ECT Add to Cart Button plugin <= 1.4 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in etemplates ECT Add to Cart Button ect-add-to-cart-button allows Stored XSS.This issue affects ECT Add to Cart Button: from n/a through = 1.4...

WordPress Rebrand Fluent Forms Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Rebrand Fluent Forms versions = 1.0...