WordPress Easy Related Posts plugin <= 2.0.2 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by Abdi Pranata in WordPress Plugin Easy Related Posts versions = 2.0.2...

CVE-2024-57522

creationtimestamp| type| source ---|---|--- 2025-02-03 13:13:05+00:00| seen| https://infosec.exchange/users/cve/statuses/113940128372651821 2025-02-03 13:15:43+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhbmsbmtat2i 2025-02-03 14:08:00+00:00| seen|...

CVE-2025-20635

creationtimestamp| type| source ---|---|--- 2025-02-03 04:16:16+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhaononxcq2r 2025-02-03 07:46:43+00:00| seen| https://t.me/cvedetector/17044 2025-02-03 08:03:42+00:00| seen|...

WordPress Migrate Posts Plugin <=1.0 - Post Based Cross Site Scripting (XSS) vulnerability

Post Based Cross Site Scripting XSS vulnerability discovered by wackydawg in WordPress Plugin Migrate Posts versions = 1.0...

CVE-2024-56898

creationtimestamp| type| source ---|---|--- 2025-02-02 16:00:08+00:00| published-proof-of-concept| Telegram/UyVI-ODfpx-m79cxnYxNG85GR0fDpOs6exyBtw4kZXt7s 2025-02-03 20:53:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113941938396491531 2025-02-03 21:15:40+00:00| seen|...

CVE-2024-12825

The Custom Related Posts plugin for WordPress is vulnerable to unauthorized access & modification of data due to a missing capability check on three AJAX actions in all versions up to, and including, 1.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and above...

CVE-2024-12825

The Custom Related Posts plugin for WordPress is vulnerable to unauthorized access & modification of data due to a missing capability check on three AJAX actions in all versions up to, and including, 1.7.3. This makes it possible for authenticated attackers, with Subscriber-level access and above...

CVE-2024-13651

creationtimestamp| type| source ---|---|--- 2025-02-01 04:16:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lh3nph5r7z2p 2025-02-01 05:25:45+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3710 2025-02-01 07:16:25+00:00| seen|...

CVE-2024-13547

creationtimestamp| type| source ---|---|--- 2025-02-01 04:16:01+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lh3npevnhs27 2025-02-01 05:25:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3711 2025-02-01 07:16:31+00:00| seen|...

WordPress Custom Related Posts plugin <= 1.7.3 - Missing Authorization to Authenticated (Subscriber+) Private Post Search and Relation Updates vulnerability

Missing Authorization to Authenticated Subscriber+ Private Post Search and Relation Updates vulnerability discovered by Lucio Sá in WordPress Plugin Custom Related Posts versions = 1.7.3...

PT-2025-2265 · WordPress · Woocommerce Support Ticket System

Name of the Vulnerable Software and Affected Versions: WooCommerce Support Ticket System plugin for WordPress versions up to, and including, 17.8 Description: The issue is related to missing capability checks on the ajax delete message, ajax get customers partial list, and ajax get admins list...

CVE-2024-53357

creationtimestamp| type| source ---|---|--- 2025-01-31 22:15:28+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lh2zkotmw32c 2025-01-31 23:25:03+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3697 2025-02-01 01:25:43+00:00| seen|...

CVE-2024-53584

creationtimestamp| type| source ---|---|--- 2025-01-31 17:15:41+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lh2ismyblm2t 2025-01-31 19:34:17+00:00| seen| https://t.me/cvedetector/16961 2025-01-31 21:35:31+00:00| seen|...

CVE-2024-49349

creationtimestamp| type| source ---|---|--- 2025-01-31 17:15:39+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lh2iskla4l2p 2025-01-31 19:34:16+00:00| seen| https://t.me/cvedetector/16960 2025-01-31 21:35:30+00:00| seen|...

WordPress Disqus Popular Posts plugin <= 2.1.1 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

CSRF to Reflected Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Disqus Popular Posts versions = 2.1.1...

CVE-2025-24534

creationtimestamp| type| source ---|---|--- 2025-01-31 09:16:47+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzo2bem322p 2025-01-31 10:15:37+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/3627 2025-01-31 11:11:52+00:00| seen| https://t.me/cvedetector/16923...

CVE-2024-13226

creationtimestamp| type| source ---|---|--- 2025-01-31 06:16:24+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzdxqlkc62f 2025-01-31 06:49:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113921632200573899 2025-01-31 07:24:07+00:00| seen|...

CVE-2024-13218

creationtimestamp| type| source ---|---|--- 2025-01-31 06:16:04+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgzdx4qn7k2p 2025-01-31 06:19:14+00:00| seen| https://infosec.exchange/users/cve/statuses/113921514107719292 2025-01-31 07:30:48+00:00| seen|...

CVE-2024-47891

creationtimestamp| type| source ---|---|--- 2025-01-31 03:19:43+00:00| seen| https://infosec.exchange/users/cve/statuses/113920808266719706 2025-01-31 04:15:58+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgz5afde6a2b 2025-01-31 05:24:37+00:00| seen|...

CVE-2024-23963

creationtimestamp| type| source ---|---|--- 2025-01-31 00:12:56+00:00| seen| https://infosec.exchange/users/cve/statuses/113920073765596202 2025-01-31 00:17:07+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgypvcfiax2f 2025-01-31 00:17:46+00:00| seen|...