WordPress Related Posts Thumbnails Plugin for WordPress plugin <= 4.3.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Carlos Ferreira in WordPress Plugin Related Posts Thumbnails Plugin for WordPress versions = 4.3.2...

CVE-2025-13062

creationtimestamp| type| source ---|---|--- 2026-01-15 14:43:26+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mchsznpigd2g 2026-01-15 14:43:52+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcht2hipda2e...

CVE-2026-22638

creationtimestamp| type| source ---|---|--- 2026-01-15 14:43:18+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mchszgdjha2z 2026-01-15 14:43:45+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcht2a7wnb2u 2026-01-15 15:12:34+00:00| seen|...

CVE-2026-22643

creationtimestamp| type| source ---|---|--- 2026-01-15 14:43:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mchsz6yior2f 2026-01-15 14:43:37+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mchszz4er322 2026-01-15 15:12:34+00:00| seen|...

CVE-2026-0712

creationtimestamp| type| source ---|---|--- 2026-01-15 13:51:59+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mchq5onbx22e 2026-01-15 13:52:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mchq6hbhlo2a 2026-01-15 15:12:33+00:00| seen|...

CVE-2026-0813

The Short Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'shortlinkposttitle' and 'shortlinkpagetitle' parameters in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attacker...

Altium 365 security vulnerabilities

Altium 365 is a product design and development platform provided by the American company Altium. There is a security vulnerability in Altium 365, which stems from the lack of server-side input sanitization in the forum posts. This vulnerability may lead to storage-based cross-site scripting attac...

CVE-2025-70968

creationtimestamp| type| source ---|---|--- 2026-01-14 18:01:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcfnmukgqy2f 2026-01-14 19:37:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcfszcx5gl2q...

CVE-2026-21267

creationtimestamp| type| source ---|---|--- 2026-01-14 06:15:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mceg6qqjiv22 2026-01-14 06:16:44+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcegaovo622z...

CVE-2026-21281

creationtimestamp| type| source ---|---|--- 2026-01-14 06:15:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mceg6k7mbk2z 2026-01-14 06:16:36+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcegah43hy2b...

CVE-2025-37168

creationtimestamp| type| source ---|---|--- 2026-01-14 06:15:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mceg6dk7ox2p 2026-01-14 06:16:27+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcega74kpn2v...

CVE-2025-12052

creationtimestamp| type| source ---|---|--- 2026-01-14 05:38:24+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcee467klb2a 2026-01-14 05:38:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcee4x4ppb2u...

CVE-2025-14943

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 8.7.2. This is due to a misconfigured authorization check on the 'getShipItemFullText' function which only verifies that a user has the...

CVE-2025-14718

The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.9.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated...

CVE-2026-22861

creationtimestamp| type| source ---|---|--- 2026-01-13 21:59:00+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcdkgnxxri2p 2026-01-13 22:46:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcdn3wkwog2q...

CVE-2026-21280

creationtimestamp| type| source ---|---|--- 2026-01-13 20:09:02+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcdebzwdra2z 2026-01-13 20:09:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcdedioj5e2p...

CVE-2026-21277

creationtimestamp| type| source ---|---|--- 2026-01-13 20:08:53+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcdebrfloj2u 2026-01-13 20:09:42+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcdeda24jj27...

CVE-2026-21276

creationtimestamp| type| source ---|---|--- 2026-01-13 20:08:46+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcdebkhgtb2u 2026-01-13 20:09:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcdecxyrlr2u...

CVE-2025-66698

creationtimestamp| type| source ---|---|--- 2026-01-13 18:13:30+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcd5th2xwd2a 2026-01-13 18:14:34+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mcd5vecsdk2m...

CVE-2026-20946

creationtimestamp| type| source ---|---|--- 2026-01-13 18:01:16+00:00| seen| https://www.thezdi.com/blog/2026/1/13/the-january-2026-security-update-review 2026-01-13 18:18:45+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0010 2026-01-13 18:31:09+00:00| seen|...