WordPress plugin Post Form 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Post Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-1170

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to unauthorized media file deletion due to a missing capability check on the handledeletedmedia function in all versions up to, and including,...

PT-2024-17195 · WordPress · The Post Form – Registration Form – Profile Form For User Profiles – Frontend Content Forms For User Submissions

Name of the Vulnerable Software and Affected Versions: The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress versions up to, and including, 2.8.7 Description: The issue is related to a missing capability check on...

CVE-2023-25981

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in ThemeKraft Post Form plugin = 2.8.1 versions...

CVE-2023-25981

CVE-2023-25981 is a Stored Cross-Site Scripting (XSS) vulnerability in WordPress BuddyForms plugin versions up to 2.8.1. The issue arises from insufficient input escaping in the Post Form workflow, enabling an attacker with Contributor privileges to inject scripts into a site. A fixed version is ...