CVE-2024-48032

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sumitsurai Featured Posts with Multiple Custom Groups FPMCG featured-posts-with-multiple-custom-groups-fpmcg allows Reflected XSS.This issue affects Featured Posts with Multiple Custom Groups FPMCG...

CVE-2024-53780

Cross-Site Request Forgery CSRF vulnerability in rajeevglocify Load More Posts load-more-posts allows Stored XSS.This issue affects Load More Posts: from n/a through = 1.5.0...

CVE-2024-53730

Cross-Site Request Forgery CSRF vulnerability in springthistle April's Call Posts aprils-call-posts allows Stored XSS.This issue affects April's Call Posts: from n/a through = 2.1.1...

CVE-2024-53994

creationtimestamp| type| source ---|---|--- 2025-02-04 21:20:48+00:00| seen| https://infosec.exchange/users/cve/statuses/113947708468156282 2025-02-04 22:16:18+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhf3hua6gm2j 2025-02-05 00:45:44+00:00| seen|...

CVE-2025-24971

creationtimestamp| type| source ---|---|--- 2025-02-04 18:57:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113947144108335156 2025-02-04 19:16:11+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lherfrzjqf2i 2025-02-04 22:15:20+00:00| seen|...

CVE-2024-57428

creationtimestamp| type| source ---|---|--- 2025-02-04 16:00:09+00:00| published-proof-of-concept| Telegram/Zrldk8z1EwjpYU8Vg3CSH1QFx-z50lEQp2XdvPCkQk6RQ8I 2025-02-06 16:22:53+00:00| seen| https://infosec.exchange/users/cve/statuses/113957861655010492 2025-02-06 17:16:18+00:00| seen|...

CVE-2025-22699

creationtimestamp| type| source ---|---|--- 2025-02-04 15:16:35+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhedzdiovf2b 2025-02-04 16:03:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lhegmtwewl2l 2025-02-04 16:48:47+00:00| seen|...

CVE-2025-20891

creationtimestamp| type| source ---|---|--- 2025-02-04 08:16:28+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdmk3qrw42r 2025-02-04 10:32:40+00:00| seen| https://t.me/cvedetector/17168 2025-02-04 12:19:06+00:00| seen|...

CVE-2024-12046

The Medical Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.6.2 via the 'namedicalelementortemplate' shortcode due to missing validation on a user controlled key. This makes it possible for authenticated attackers,...

CVE-2024-13514 B Slider- Gutenberg Slider Block for WP <= 1.1.23 - Authenticated (Contributor+) Private Post Disclosure via bsb-slider Shortcode

The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.9.5 via the 'bsb-slider' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, wi...

CVE-2024-13514

CVE-2024-13514 concerns the WordPress plugin B Slider- Gutenberg Slider Block for WP. The CVE describes Information Exposure via the bsb-slider shortcode, enabling authenticated users with Contributor+ privileges to read private posts. Reported affected versions include up to 1.9.5 (per the CVE r...

CVE-2025-24963

creationtimestamp| type| source ---|---|--- 2025-02-04 06:23:56+00:00| published-proof-of-concept| https://github.com/vitest-dev/vitest/security/advisories/GHSA-8gvc-j273-4wm5 2025-02-04 20:16:12+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lheur3fp7v2c 2025-02-04...

PT-2025-2200 · WordPress · B Slider- Gutenberg Slider Block

Name of the Vulnerable Software and Affected Versions: The B Slider- Gutenberg Slider Block for WP plugin for WordPress versions up to, and including, 1.9.5 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private posts they should...

PT-2025-1736 · WordPress · Medical Addon For Elementor

Name of the Vulnerable Software and Affected Versions: Medical Addon for Elementor plugin for WordPress versions up to, and including, 1.6.2 Description: The issue allows authenticated attackers with Contributor-level access and above to read the content of draft, pending, and private posts due t...

CVE-2025-0148

creationtimestamp| type| source ---|---|--- 2025-02-03 23:15:22+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhcockj32r2i 2025-02-03 23:30:11+00:00| seen| https://bsky.app/profile/ripjyr.bsky.social/post/3lhcp4zzahf2e 2025-02-04 02:08:39+00:00| seen|...

WordPress B Slider- Gutenberg Slider Block for WP plugin <= 1.1.23 - Authenticated (Contributor+) Private Post Disclosure via bsb-slider Shortcode vulnerability

Authenticated Contributor+ Private Post Disclosure via bsb-slider Shortcode vulnerability discovered by Nishiv in WordPress Plugin B Slider versions = 1.1.23...

CVE-2025-24906

creationtimestamp| type| source ---|---|--- 2025-02-03 21:49:06+00:00| seen| https://infosec.exchange/users/cve/statuses/113942157461874885 2025-02-03 22:16:18+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhckywoopj2c 2025-02-03 23:40:52+00:00| seen|...

WordPress Blog, Posts and Category Filter for Elementor plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by ghsinfosec Patchstack Alliance in WordPress Plugin Blog, Posts and Category Filter for Elementor versions = 2.0.1...

CVE-2024-12511

creationtimestamp| type| source ---|---|--- 2025-02-03 19:29:38+00:00| seen| https://infosec.exchange/users/cve/statuses/113941609009302527 2025-02-03 20:16:13+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhcec765r52r 2025-02-03 22:00:19+00:00| seen|...

CVE-2024-56161

creationtimestamp| type| source ---|---|--- 2025-02-03 18:16:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhc5ld77ig2p 2025-02-03 20:19:12+00:00| seen| https://t.me/cvedetector/17082 2025-02-03 21:11:49+00:00| seen|...