6202 matches found

Patchstack
added 2025/03/11 9:45 p.m. | 2 views

WordPress Featured Posts Grid plugin <= 1.7 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Featured Posts Grid versions <= 1.7...

7.1 CVSS | 8.2 AI score | 0.00268 EPSS
Exploits: 0 | Affected Software: 1

Patchstack
added 2025/03/11 9:43 p.m. | 2 views

WordPress List of Posts from each Category plugin for WordPress plugin <= 2.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin List of Posts from each Category plugin for WordPress versions <= 2.0...

7.1 CVSS | 8 AI score | 0.00139 EPSS
Exploits: 0 | Affected Software: 1

NVD
added 2025/03/11 9:15 p.m. | 3 views

CVE-2025-28905

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chaser324 Featured Posts Grid featured-posts-grid allows Stored XSS. This issue affects Featured Posts Grid: from n/a through <= 1.7...

7.1 CVSS | 0.00268 EPSS
Exploits: 0 | References: 1

NVD
added 2025/03/11 9:15 p.m. | 11 views

CVE-2025-28894

Cross-Site Request Forgery (CSRF) vulnerability in frucomerci List of Posts from each Category plugin for WordPress list-posts-by-category allows Stored XSS. This issue affects List of Posts from each Category plugin for WordPress: from n/a through <= 2.0...

7.1 CVSS | 0.00139 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2025/03/11 9:0 p.m. | 5 views

CVE-2025-28905 WordPress Featured Posts Grid plugin <= 1.7 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chaser324 Featured Posts Grid featured-posts-grid allows Stored XSS. This issue affects Featured Posts Grid: from n/a through <= 1.7...

7.1 CVSS | 8.6 AI score | 0.00268 EPSS
Exploits: 0 | References: 1

CVE
added 2025/03/11 9:0 p.m. | 47 views

CVE-2025-28905

CVE-2025-28905 relates to the WordPress plugin Featured Posts Grid (versions at or below 1.7). The connected docs confirm an improper handling of input during web page generation, enabling a CSRF to Stored XSS chain. The CVSS 3.1 base metrics (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L) indicate network...

7.1 CVSS | 7.2 AI score | 0.00268 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/03/11 9:0 p.m. | 13 views

CVE-2025-28905 WordPress Featured Posts Grid plugin <= 1.7 - CSRF to Stored XSS vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chaser324 Featured Posts Grid featured-posts-grid allows Stored XSS. This issue affects Featured Posts Grid: from n/a through <= 1.7...

7.1 CVSS | 0.00268 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2025/03/11 9:0 p.m. | 12 views

CVE-2025-28894 WordPress List of Posts from each Category plugin for WordPress plugin <= 2.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in frucomerci List of Posts from each Category plugin for WordPress list-posts-by-category allows Stored XSS. This issue affects List of Posts from each Category plugin for WordPress: from n/a through <= 2.0...

7.1 CVSS | 8.6 AI score | 0.00139 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/03/11 9:0 p.m. | 19 views

CVE-2025-28894 WordPress List of Posts from each Category plugin for WordPress plugin <= 2.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in frucomerci List of Posts from each Category plugin for WordPress list-posts-by-category allows Stored XSS. This issue affects List of Posts from each Category plugin for WordPress: from n/a through <= 2.0...

7.1 CVSS | 0.00139 EPSS
Exploits: 0 | References: 1

Circl
added 2025/03/11 4:39 p.m. | 13 views

CVE-2025-24076

creationtimestamp | type | source
---|---|---
2025-03-11 16:39:36+00:00 | seen | https://www.thezdi.com/blog/2025/3/11/the-march-2025-security-update-review
2025-03-31 02:31:04+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/9584
2025-04-15 09:00:16+00:00 | seen | ...

7.3 CVSS | 7.4 AI score | 0.0279 EPSS
Exploits: 3 | References: 14

Circl
added 2025/03/11 2:39 p.m. | 10 views

CVE-2025-22454

creationtimestamp | type | source
---|---|---
2025-03-11 14:39:53+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7155
2025-03-11 17:37:31+00:00 | seen | https://t.me/cvedetector/20087
2025-03-12 13:31:29+00:00 | seen | https://bsky.app/profile/getpokemon7.bsky.social/post/3lk6owi4smk2y
2025-03-24...

7.8 CVSS | 5.7 AI score | 0.00287 EPSS
Exploits: 0 | References: 4

Circl
added 2025/03/11 2:33 p.m. | 9 views

CVE-2024-54085

creationtimestamp | type | source
---|---|---
2025-03-11 14:33:49+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114144289034101069
2025-03-11 14:40:25+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3lk4ccu6lze2v
2025-03-18 12:31:00+00:00 | seen | ...

10 CVSS | 6.9 AI score | 0.61202 EPSS
Exploits: 0 | References: 99

Circl
added 2025/03/11 11:48 a.m. | 4 views

CVE-2024-56181

creationtimestamp | type | source
---|---|---
2025-03-11 11:48:28+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114143638836321476
2025-03-11 12:35:49+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lk43e3dmae26
2025-03-13 11:00:00+00:00 | seen | ...

8.4 CVSS | 5.8 AI score | 0.00204 EPSS
Exploits: 0 | References: 4

Circl
added 2025/03/11 11:28 a.m. | 5 views

CVE-2025-0151

creationtimestamp | type | source
---|---|---
2025-03-11 11:28:45+00:00 | seen | https://bsky.app/profile/ripjyr.bsky.social/post/3lk3xm6jwfh2w
2025-03-11 19:48:50+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114145527668165612
2025-03-11 20:46:21+00:00 | seen | ...

8.8 CVSS | 4.8 AI score | 0.00401 EPSS
Exploits: 0 | References: 12

CNNVD
added 2025/03/11 12:0 a.m. | 0 views

WordPress plugin List of Posts from each Category cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an applicatio...

7.1 CVSS | 8.2 AI score | 0.00139 EPSS
Exploits: 0 | References: 3

Circl
added 2025/03/10 7:40 p.m. | 7 views

CVE-2025-25306

creationtimestamp | type | source
---|---|---
2025-03-10 19:40:22+00:00 | seen | https://bsky.app/profile/cyberalerts.bsky.social/post/3lk2cmbftsd2v
2025-03-10 19:48:42+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114139864871772564
2025-03-10 23:13:49+00:00 | seen | ...

9.3 CVSS | 5.3 AI score | 0.00166 EPSS
Exploits: 0 | References: 5

Circl
added 2025/03/10 5:14 p.m. | 487 views

CVE-2025-24813

creationtimestamp | type | source
---|---|---
2025-03-10 17:14:40+00:00 | seen | https://bsky.app/profile/infosec.skyfleet.blue/post/3lk22hs7zke24
2025-03-10 17:38:26+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7027
2025-03-10 17:45:38+00:00 | seen | ...

10 CVSS | 7.4 AI score | 0.99945 EPSS
In wild | Exploits: 45 | References: 246

Circl
added 2025/03/10 10:39 a.m. | 13 views

CVE-2024-13918

creationtimestamp | type | source
---|---|---
2025-03-10 10:39:29+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/6989
2025-03-10 11:40:21+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ljzhrxmaoz2h
2025-03-10 11:48:30+00:00 | seen | ...

8 CVSS | 4.8 AI score | 0.00575 EPSS
Exploits: 1 | References: 11

RedhatCVE
added 2025/03/09 8:45 a.m. | 6 views

CVE-2024-12610

The School Management System for Wordpress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'mjsmgtremovefeetype' and 'mjsmgtremovecategorynew' AJAX actions in all versions up to, and including, 93.0.0. This makes it possible for...

5.3 CVSS | 6.8 AI score | 0.00283 EPSS
Exploits: 0 | References: 1

OSV
added 2025/03/08 10:15 a.m. | 2 views

CVE-2025-1322

The WP-Recall – Registration, Profile, Commerce & More plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 16.26.10 via the 'feed' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for unauthenticated...

4.3 CVSS | 7.3 AI score | 0.00417 EPSS
Exploits: 0 | References: 2