WordPress plugin Dynamic Pricing With Discount Rules for WooCommerce 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injection...

WordPress plugin Houzez Theme - Functionality 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. WordPress plugin Houz...

WordPress plugin Hubbub Lite 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-sit...

WordPress plugin TheGem (Elementor) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress plugin tagDiv Composer 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...

CVE-2025-12045

The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the category and tag 'name' parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output...

WordPress Visual Link Preview plugin <= 2.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via visual-link-preview Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via visual-link-preview Shortcode vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Visual Link Preview versions = 2.2.7...

WordPress Depicter Slider plugin <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload vulnerability

Missing Authorization to Authenticated Contributor+ Safe File Type Upload vulnerability discovered by Rafshanzani Suhada in WordPress Plugin Depicter Slider versions = 4.0.4...

WordPress File Manager for Google Drive plugin <= 1.5.3 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by ifoundbug in WordPress Plugin Integrate Google Drive versions = 1.5.3...

WordPress Features plugin <= 0.0.2 - Missing Authorization to Authenticated (Subscriber+) Option Reset vulnerability

Missing Authorization to Authenticated Subscriber+ Option Reset vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Module Features versions = 0.0.2...

WordPress NS Maintenance Mode for WP plugin cross-site scripting vulnerability

WordPress NS Maintenance Mode for WP plugin is a WordPress plugin for setting a website into maintenance mode, displaying temporary pages to visitors during updates or maintenance while allowing administrators or designated users to access the backend. The WordPress NS Maintenance Mode for WP...

WordPress Depicter plugin cross-site request forgery vulnerability

WordPress Depicter plugin is a slider, popup and rotator image creation tool designed for WordPress, offering a no-code interface and rich customization features. The WordPress Depicter plugin suffers from a cross-site request forgery vulnerability, which originates from a web application that do...

WordPress Noo JobMonster plugin authentication bypass vulnerability

WordPress Noo JobMonster plugin is a recruitment theme on the WordPress platform, mainly used to build a job search and recruitment website, support for employers to post jobs, job seekers to submit resumes and other functions. WordPress Noo JobMonster plugin has an authentication bypass...

WordPress plugin Graphina 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

WordPress plugin The Events Calendar 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin The Events Calendar has an information disclosure vulnerability, the...

WordPress plugin Document Embedder – Embed PDFs Word Excel and Other Files 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Document Embedder -...

WordPress plugin integrate-google-drive 信息泄露漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. WordPress plugin integrate-google-drive has an information disclosure vulnerability, the...

WordPress Booking Manager plugin <= 2.1.17 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jan Barszcz in WordPress Plugin Booking Manager versions = 2.1.17...

EUVD-2025-37757

The Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the category and tag 'name' parameters in all versions up to, and including, 3.0.2 due to insufficient input sanitization and output...

WordPress Footnotes Made Easy plugin <= 3.0.7 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Footnotes Made Easy versions = 3.0.7...