CVE-2026-8867

The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'postcategorygallery' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as...

CVE-2026-8867

The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'postcategorygallery' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as...

EUVD-2026-32095

The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'postcategorygallery' shortcode in versions up to, and including, 1.0.0. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as...

WordPress plugin Post Category Gallery 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

CVE-2026-2126

The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Incorrect Authorization in all versions up to, and including, 20260113. This is due to the uspgetsubmittedcategory function accepting user-submitted category IDs from the POST body...

CVE-2025-23586

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MAL73049 WP Post Category Notifications wp-post-category-notifications allows Reflected XSS.This issue affects WP Post Category Notifications: from n/a through = 1.0...

EUVD-2025-11992

Malicious code in bioql PyPI...

EUVD-2025-5718

Malicious code in bioql PyPI...

CVE-2025-46524

Cross-Site Request Forgery CSRF vulnerability in stesvis WP Filter Post Category wp-filter-post-categories allows Stored XSS.This issue affects WP Filter Post Category: from n/a through = 2.1.4...

CVE-2025-46524

Cross-Site Request Forgery CSRF vulnerability in stesvis WP Filter Post Category wp-filter-post-categories allows Stored XSS.This issue affects WP Filter Post Category: from n/a through = 2.1.4...

CVE-2025-46524 WordPress WP Filter Post Category plugin <= 2.1.4 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in stesvis WP Filter Post Category wp-filter-post-categories allows Stored XSS.This issue affects WP Filter Post Category: from n/a through = 2.1.4...

CVE-2025-46524

CVE-2025-46524 concerns the WP Filter Post Category WordPress plugin (stesvis) with a CSRF vulnerability that enables Stored XSS in versions up to and including 2.1.4. The issue stems from CSRF handling in the plugin that allows an attacker to induce stored script execution when a trusted user vi...

WordPress plugin WP Filter Post Category 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

CVE-2025-23586

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MAL73049 WP Post Category Notifications wp-post-category-notifications allows Reflected XSS.This issue affects WP Post Category Notifications: from n/a through = 1.0...

CVE-2025-23586

CVE-2025-23586 concerns the WordPress plugin WP Post Category Notifications (versions &lt;= 1.0). The vulnerability is a reflected Cross-Site Scripting (XSS) flaw caused by improper neutralization of input during web page generation, enabling attacker-controlled input to be reflected in a web pag...

CVE-2025-23586 WordPress WP Post Category Notifications plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MAL73049 WP Post Category Notifications wp-post-category-notifications allows Reflected XSS.This issue affects WP Post Category Notifications: from n/a through = 1.0...

WordPress plugin WP Post Category Notifications 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress WP Post Category Notifications plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin WP Post Category Notifications versions = 1.0...

CVE-2024-4667

The Blog, Posts and Category Filter for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post and Category Filter widget in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on user supplied 'posttypes' attribute...

PT-2024-32101 · WordPress · The Blog

Name of the Vulnerable Software and Affected Versions: The Blog, Posts and Category Filter for Elementor plugin for WordPress version 1.0.3 and earlier Description: The issue is related to Stored Cross-Site Scripting via the Post and Category Filter widget due to insufficient input sanitization a...