WordPress plugin AI BotKit – AI Chatbot & Live Support for WordPress 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin ShareThis Dashboard for Google Analytics 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information...

WordPress plugin Guest posting / Frontend Posting / Front Editor – WP Front User Submit 安全漏洞

...

WordPress plugin MTCaptcha 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress plugin Cool YT Player 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Relevanssi和WordPress plugin Relevanssi Premium 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin Newsletter Email Subscribe 跨站请求伪造漏洞

...

WordPress plugin Oneline Lite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

PT-2026-1628

Name of the Vulnerable Software and Affected Versions Stumble! for WordPress plugin versions up to and including 1.1.1 Description The Stumble! for WordPress plugin is susceptible to Reflected Cross-Site Scripting. This is due to insufficient input sanitization and output escaping of the $...

WordPress plugin AH Shortcodes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...

WordPress plugin WP Js List Pages Shortcodes 跨站脚本漏洞

...

WordPress plugin WP Enable WebP 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code issue...

WordPress Snillrik Restaurant plugin <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'menu_style' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'menustyle' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin Snillrik Restaurant versions = 2.2.1...

WordPress Responsive Pricing Table plugin <= 5.1.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'table_currency' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'tablecurrency' vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Responsive Pricing Table versions = 5.1.12...

WordPress Easy GitHub Gist Shortcodes plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'id' Shortcode Attribute vulnerability discovered by zakaria in WordPress Plugin Easy GitHub Gist Shortcodes versions = 1.0...

WordPress Smart App Banners plugin <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'size' and 'verticalalign' Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'size' and 'verticalalign' Shortcode Attributes vulnerability discovered by Gilang - DJ in WordPress Plugin Smart App Banners versions = 1.2...

WordPress ACF to REST API plugin <= 3.3.4 - Insecure Direct Object Reference to Authenticated (Contributor+) ACF Field/Option Modification vulnerability

Insecure Direct Object Reference to Authenticated Contributor+ ACF Field/Option Modification vulnerability discovered by Kai Aizen in WordPress Plugin ACF to REST API versions = 3.3.4...

WordPress NS IE Compatibility Fixer plugin <= 2.1.5 - Cross-Site Request Forgery to Plugin Settings Update vulnerability

Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by afnaan - SMKN 1 Bantul in WordPress Plugin NS Ie Compatibility Fixer versions = 2.1.5...

CVE-2025-69359

The CVE-2025-69359 entry concerns a Missing Authorization vulnerability in Creator LMS (Creator LMS – The LMS for Creators, Coaches, and Trainers). The connected Wordfence report confirms this issue exists in Creator LMS versions from inception up to and including 1.1.12 and describes it as an ac...

CVE-2025-69351 WordPress Ninja Tables plugin <= 5.2.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Shahjahan Jewel Ninja Tables ninja-tables allows Blind SQL Injection.This issue affects Ninja Tables: from n/a through = 5.2.4...