WordPress plugin Royal Elementor Addons 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2025-11176

The Quick Featured Images plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 13.7.2 via the qfisetthumbnail and qfideletethumbnail AJAX actions due to missing validation on a user controlled key. This makes it possible for authenticated...

EUVD-2024-40571

Malicious code in bioql PyPI...

EUVD-2023-32772

Malicious code in bioql PyPI...

EUVD-2024-22208

Malicious code in bioql PyPI...

EUVD-2024-31345

Malicious code in bioql PyPI...

EUVD-2024-37570

Malicious code in bioql PyPI...

CVE-2024-24845

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Sewpafly Post Thumbnail Editor.This issue affects Post Thumbnail Editor: from n/a through 2.4.8...

CVE-2023-29171

Unauth. Reflected Cross-site Scripting XSS vulnerability in Magic Post Thumbnail plugin = 4.1.10 versions...

CVE-2021-24932

The Auto Featured Image Auto Post Thumbnail WordPress plugin before 3.9.3 does not sanitise and escape the postid parameter before outputting back in an admin page within a JS block, leading to a Reflected Cross-Site Scripting issue...

CVE-2024-43921

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Magic Post Thumbnail allows Reflected XSS.This issue affects Magic Post Thumbnail: from n/a through 5.2.9...

CVE-2024-38719

Missing Authorization vulnerability in Creative Motion Auto Featured Image Auto Post Thumbnail allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Featured Image Auto Post Thumbnail: from n/a through 4.1.2...

WordPress plugin Auto Featured Image (Auto Post Thumbnail) 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

CVE-2024-43921

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Magic Post Thumbnail allows Reflected XSS.This issue affects Magic Post Thumbnail: from n/a through 5.2.9...

CVE-2024-43921

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Magic Post Thumbnail allows Reflected XSS.This issue affects Magic Post Thumbnail: from n/a through 5.2.9...

CVE-2024-43921 WordPress Generate Images – Magic Post Thumbnail plugin <= 5.2.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Magic Post Thumbnail allows Reflected XSS.This issue affects Magic Post Thumbnail: from n/a through 5.2.9...

CVE-2024-43921 WordPress Generate Images – Magic Post Thumbnail plugin <= 5.2.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Magic Post Thumbnail allows Reflected XSS.This issue affects Magic Post Thumbnail: from n/a through 5.2.9...

CVE-2024-43921

CVE-2024-43921 is a Reflected XSS in the Generate Images – Magic Post Thumbnail WordPress plugin, affecting versions up to 5.2.9. Root cause: improper input neutralization during web page generation. Impact: Cross-site scripting risk via user-supplied input reflected in the page. Remediation: upd...

WordPress plugin Magic Post Thumbnail 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-30782 · Unknown · Magic Post Thumbnail

Name of the Vulnerable Software and Affected Versions: Magic Post Thumbnail versions 5.2.9 and earlier Description: The issue is related to improper neutralization of input during web page generation, leading to a Cross-site Scripting XSS vulnerability. This allows for Reflected XSS. The estimate...