WordPress plugin TheGem 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin tagDiv Composer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

WordPress plugin Togo 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin TheGem (Elementor) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin TheGem Theme Elements 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin Case Addons 安全漏洞

The WordPress Case Addons plugin is a plugin for the Elementor page builder that offers a wide range of functional components and templates for enhancing website design and content presentation. The WordPress Case Addons plugin suffers from a file upload vulnerability that stems from the...

CVE-2025-12045

The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the category and tag 'name' parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output...

WordPress Visual Link Preview plugin <= 2.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via visual-link-preview Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via visual-link-preview Shortcode vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Visual Link Preview versions = 2.2.7...

WordPress Depicter Slider plugin <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload vulnerability

Missing Authorization to Authenticated Contributor+ Safe File Type Upload vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Depicter Slider versions = 4.0.4...

WordPress File Manager for Google Drive plugin <= 1.5.3 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by ifoundbug in WordPress Plugin Integrate Google Drive versions = 1.5.3...

WordPress Features plugin <= 0.0.2 - Missing Authorization to Authenticated (Subscriber+) Option Reset vulnerability

Missing Authorization to Authenticated Subscriber+ Option Reset vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Module Features versions = 0.0.2...

WordPress plugin integrate-google-drive 信息泄露漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin integrate-google-drive has an information disclosure vulnerability, the...

WordPress NS Maintenance Mode for WP plugin cross-site scripting vulnerability

WordPress NS Maintenance Mode for WP plugin is a WordPress plugin for setting a website into maintenance mode, displaying temporary pages to visitors during updates or maintenance while allowing administrators or designated users to access the backend. The WordPress NS Maintenance Mode for WP...

WordPress plugin Document Embedder – Embed PDFs Word Excel and Other Files 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Document Embedder -...

WordPress plugin Graphina 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress plugin The Events Calendar 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin The Events Calendar has an information disclosure vulnerability, the...

WordPress Depicter plugin cross-site request forgery vulnerability

WordPress Depicter plugin is a slider, popup and rotator image creation tool designed for WordPress, offering a no-code interface and rich customization features. The WordPress Depicter plugin suffers from a cross-site request forgery vulnerability, which originates from a web application that do...

WordPress Noo JobMonster plugin authentication bypass vulnerability

WordPress Noo JobMonster plugin is a recruitment theme on the WordPress platform, mainly used to build a job search and recruitment website, support for employers to post jobs, job seekers to submit resumes and other functions. WordPress Noo JobMonster plugin has an authentication bypass...

WordPress Booking Manager plugin <= 2.1.17 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jan Barszcz in WordPress Plugin Booking Manager versions = 2.1.17...

EUVD-2025-37757

The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the category and tag 'name' parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output...