WordPress Posts Date Ranges plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Muhamad Agil Fachrian Patchstack Alliance in WordPress Plugin Posts Date Ranges versions = 2.2...

CVE-2024-11181

The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 9.9.9.3 via the 'wpreusablerender' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticate...

CVE-2024-11709

The AI Post Generator | AutoWriter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the aipostgeneratordeletePost AJAX action in all versions up to, and including, 3.5. This makes it possible for authenticated attackers, with...

WordPress plugin Greenshift 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin AI Post Generator | AutoWriter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-44243

creationtimestamp| type| source ---|---|--- 2024-12-11 23:14:05+00:00| seen| https://infosec.exchange/users/cve/statuses/113636726892718971 2025-01-13 17:19:50+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113822190087719298 2025-01-13 21:09:32+00:00| seen|...

WordPress Mark New Posts plugin <= 7.5.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ngô Thái An Patchstack Alliance in WordPress Plugin Mark New Posts versions = 7.5.1...

CVE-2024-12294 Last Viewed Posts by WPBeginner <= 1.0.1 - Unauthenticated Sensitive Information Exposure

The Last Viewed Posts by WPBeginner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.1 via the 'getlegacycookies' function. This makes it possible for unauthenticated attackers to extract sensitive data including titles and permalinks ...

WordPress Last Viewed Posts by WPBeginner plugin <= 1.0.1 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Last Viewed Posts by WPBeginner versions = 1.0.1...

PT-2024-16697 · WordPress · Members – Membership & User Role Editor Plugin

Name of the Vulnerable Software and Affected Versions: Members – Membership & User Role Editor Plugin versions up to, and including, 3.2.10 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as administrators, via th...

CVE-2024-49112

creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 19:12:03+00:00| seen| https://infosec.exchange/users/vuldb/statuses/113630112880421336 2024-12-10 20:52:38+00:00| seen|...

CVE-2024-49138

creationtimestamp| type| source ---|---|--- 2024-12-10 17:33:56+00:00| seen| https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review 2024-12-10 17:58:30+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113629823630772527 2024-12-10 19:22:31+00:00| seen|...

CVE-2023-29237

Missing Authorization vulnerability in Muhammad Rehman Remove Duplicate Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Remove Duplicate Posts: from n/a through 1.3.5...

CVE-2023-29237

Missing Authorization vulnerability in Muhammad Rehman Remove Duplicate Posts remove-duplicate-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Remove Duplicate Posts: from n/a through = 1.3.5...

CVE-2023-25454

Missing Authorization vulnerability in Nate Reist Protected Posts Logout Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protected Posts Logout Button: from n/a through 1.4.5...

CVE-2023-25454

CVE-2023-25454 maps to the WordPress Protected Posts Logout Button plugin vulnerability (

CVE-2023-25454 WordPress Protected Posts Logout Button plugin <= 1.4.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Nate Reist Protected Posts Logout Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Protected Posts Logout Button: from n/a through 1.4.5...

CVE-2023-29237 WordPress Remove Duplicate Posts plugin <= 1.3.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Muhammad Rehman Remove Duplicate Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Remove Duplicate Posts: from n/a through 1.3.5...

CVE-2023-29237

CVE-2023-29237 affects WordPress plugin Remove Duplicate Posts (

CVE-2023-29237 WordPress Remove Duplicate Posts plugin <= 1.3.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in Muhammad Rehman Remove Duplicate Posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Remove Duplicate Posts: from n/a through 1.3.5...