PT-2024-16601 · WordPress · Enter Addons – Ultimate Template Builder For Elementor

Name of the Vulnerable Software and Affected Versions: The Enter Addons – Ultimate Template Builder for Elementor plugin for WordPress versions up to, and including, 2.1.9 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private or...

CVE-2024-11089

The Anonymous Restricted Content plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.6.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been...

CVE-2024-11088

The Simple Membership plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.5.5 via the WordPress core search feature. This makes it possible for unauthenticated attackers to extract sensitive data from posts that have been restricted to...

CVE-2024-10696

The UltraAddons – Elementor Addons Header Footer Builder, Custom Font, Custom CSS,Woo Widget, Menu Builder, Anywhere Elementor Shortcode plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.8 via the showtemplate due to missing validatio...

CVE-2024-10671

The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.1.4 via the btnblock shortcode due to insufficient restrictions on which posts can be included. This makes it possible for...

CVE-2024-10671

CVE-2024-10671 affects the WordPress plugin Button Block (versions up to and including 1.1.4). The issue allows authenticated attackers with Contributor-level access and above to exfiltrate data from password‑protected, private, or draft posts via the btn_block shortcode due to insufficient post‑...

PT-2024-16442 · WordPress · The Easy Twitter Feed – Twitter Feeds Plugin For Wp

Name of the Vulnerable Software and Affected Versions: The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress version 1.2.6 and earlier Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from password protected, private,...

WordPress plugin Theme Builder For Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Button Block 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

WordPress plugin UltraAddons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-16448 · WordPress · The Button Block

Name of the Vulnerable Software and Affected Versions: The Button Block – Get fully customizable & multi-functional buttons plugin for WordPress versions up to, and including, 1.1.4 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from...

CVE-2024-51886

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Takashi Matsuyama Posts Filter posts-filter allows Stored XSS.This issue affects Posts Filter: from n/a through = 1.3.1...

CVE-2024-51884

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Takashi Matsuyama Posts Search posts-search allows Stored XSS.This issue affects Posts Search: from n/a through = 1.2.2...

CVE-2024-51804

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobmatnyc Moka Get Posts Shortcode moka-get-posts allows DOM-Based XSS.This issue affects Moka Get Posts Shortcode: from n/a through = 1.0...

CVE-2024-51804 WordPress Moka Get Posts Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bob Matsuoka Moka Get Posts Shortcode allows DOM-Based XSS.This issue affects Moka Get Posts Shortcode: from n/a through 1.0...

CVE-2024-51804 WordPress Moka Get Posts Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bobmatnyc Moka Get Posts Shortcode moka-get-posts allows DOM-Based XSS.This issue affects Moka Get Posts Shortcode: from n/a through = 1.0...

CVE-2024-51804

CVE-2024-51804 : DOM-based XSS in WordPress plugin Moka Get Posts Shortcode (moka-get-posts)

CVE-2024-51884 WordPress Posts Search plugin <= 1.2.2 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Takashi Matsuyama Posts Search allows Stored XSS.This issue affects Posts Search: from n/a through 1.2.2...

CVE-2024-51884 WordPress Posts Search plugin <= 1.2.2 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Takashi Matsuyama Posts Search posts-search allows Stored XSS.This issue affects Posts Search: from n/a through = 1.2.2...

CVE-2024-51886 WordPress Posts Filter plugin <= 1.3.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Takashi Matsuyama Posts Filter posts-filter allows Stored XSS.This issue affects Posts Filter: from n/a through = 1.3.1...