CVE-2025-54706

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor Alam Magical Posts Display magical-posts-display allows DOM-Based XSS.This issue affects Magical Posts Display: from n/a through = 1.2.52...

CVE-2025-52728

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

CVE-2025-55674

creationtimestamp| type| source ---|---|--- 2025-08-14 11:09:23+00:00| seen| https://seclists.org/oss-sec/2025/q3/107 2025-08-14 13:30:43+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lweh5v4hus2o 2025-08-14 15:02:16+00:00| seen|...

CVE-2025-54706

CVE-2025-54706 concerns the WordPress plugin Magical Posts Display (versions up to and including 1.2.52). The issue is a DOM-based cross-site scripting (XSS) vulnerability caused by improper neutralization of user input during web page generation. Impact, per the sources, is low to medium across ...

CVE-2025-54706 WordPress Magical Posts Display Plugin plugin <= 1.2.52 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor Alam Magical Posts Display magical-posts-display allows DOM-Based XSS.This issue affects Magical Posts Display: from n/a through = 1.2.52...

CVE-2025-54706 WordPress Magical Posts Display Plugin plugin <= 1.2.52 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Noor Alam Magical Posts Display allows DOM-Based XSS. This issue affects Magical Posts Display: from n/a through 1.2.52...

CVE-2025-52728

CVE-2025-52728 is a PHP Local File Inclusion vulnerability in the WordPress plugin “Responsive Posts Carousel Pro” (affected: versions up to 15.0), caused by improper control of filenames used in include/require statements. The issue enables inclusion of local files via crafted input. Connected s...

CVE-2025-52728 WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

CVE-2025-52728 WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel WordPress Plugin allows PHP Local File Inclusion. This issue affects Responsive Posts Carousel WordPress Plugin: from n/a through 15.0...

CVE-2025-4390

The WP Private Content Plus plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.6.2 via the 'validaterestrictions' function. This makes it possible for unauthenticated attackers to extract sensitive data including the content of resticted...

CVE-2025-5187

creationtimestamp| type| source ---|---|--- 2025-08-14 01:07:14+00:00| seen| https://bsky.app/profile/kubernetes.dev/post/3lwd5m3yc6j2i 2025-08-14 03:26:50+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3lwdfg26erm2s 2025-08-14 16:22:07+00:00| seen|...

WordPress plugin Responsive Posts Carousel WordPress Plugin Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2025-33209 · WordPress · Webcodingplace Responsive Posts Carousel

Name of the Vulnerable Software and Affected Versions: WebCodingPlace Responsive Posts Carousel WordPress Plugin versions through 15.0 Description: The vulnerability involves improper control of filename handling for include/require statements in a PHP program, specifically a PHP Local File...

WordPress plugin Magical Posts Display 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

PT-2025-33258 · WordPress · Magical Posts Display

Name of the Vulnerable Software and Affected Versions: Magical Posts Display versions 1.0.0 through 1.2.52 Description: The software contains a DOM-Based Cross-site Scripting issue due to improper neutralization of input during web page generation. Recommendations: Update Magical Posts Display to...

CVE-2025-34154

creationtimestamp| type| source ---|---|--- 2025-08-13 23:26:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lwcxxu653d2d 2025-08-14 00:01:44+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lwczxcf6es26 2025-08-14 00:01:44+00:00| seen|...

CVE-2025-8875

creationtimestamp| type| source ---|---|--- 2025-08-13 22:36:36+00:00| seen| https://bsky.app/profile/ytroncal.bsky.social/post/3lwcv6xb2js2v 2025-08-14 04:02:32+00:00| seen| https://bsky.app/profile/pigondrugs.bsky.social/post/3lwdhfvaq3z2s 2025-08-14 07:58:58+00:00| seen|...

CVE-2025-8876

creationtimestamp| type| source ---|---|--- 2025-08-13 20:00:13+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lwcmhgysnr2h 2025-08-13 22:36:57+00:00| seen| https://bsky.app/profile/ytroncal.bsky.social/post/3lwcv7lyc622v 2025-08-14 04:02:32+00:00| seen|...

CVE-2025-8904

creationtimestamp| type| source ---|---|--- 2025-08-13 17:25:19+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115022621486047024 2025-08-13 18:04:17+00:00| seen| https://bsky.app/profile/nimblenerd.social/post/3lwcfy43bsv2w 2025-08-14 03:01:43+00:00| seen|...

WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Responsive Posts Carousel Pro versions = 15.0...