CVE-2024-33643 WordPress Advanced Most Recent Posts Mod plugin <= 1.6.5.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most Recent Posts Mod: from n/a through 1.6.5.2...

PT-2024-25404 · Unknown · Kailey Lampert Advanced Most Recent Posts Mod

Name of the Vulnerable Software and Affected Versions: Kailey Lampert Advanced Most Recent Posts Mod versions through 1.6.5.2 Description: The issue affects the Kailey Lampert Advanced Most Recent Posts Mod, allowing Stored XSS due to improper neutralization of input during web page generation...

CVE-2024-33692

CVE-2024-33692 is an stored XSS vulnerability in the Satrya Smart Recent Posts Widget. The issue is due to improper input neutralization during web page generation, enabling stored cross-site scripting. Affected versions are vulnerable from n/a to 1.0.3. The initial and connected documents do not...

CVE-2024-33692 WordPress Smart Recent Posts Widget plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: from n/a through 1.0.3...

CVE-2024-33692 WordPress Smart Recent Posts Widget plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: from n/a through 1.0.3...

WordPress Smart Recent Posts Widget plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Smart Recent Posts Widget versions = 1.0.4...

WordPress Ultimate Posts Widget plugin <= 2.2.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Ultimate Posts Widget versions = 2.2.9...

CVE-2024-3678 Blog2Social: Social Media Auto Post & Scheduler <= 7.4.2 - Information Exposure

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.4.2. This makes it possible for unauthenticated attackers to view limited information from password protected posts...

CVE-2024-3678 Blog2Social: Social Media Auto Post & Scheduler <= 7.4.2 - Information Exposure

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.4.2. This makes it possible for unauthenticated attackers to view limited information from password protected posts...

WordPress Ultimate Posts Widget Plugin <= 2.2.9 is vulnerable to Broken Access Control

Software Ultimate Posts Widget Type Plugin Vulnerable versions = 2.2.9 Fixed in 2.3.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31435 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 565122e43072 Credits Dhabaleshwar Das Requir...

WordPress Smart Recent Posts Widget Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Smart Recent Posts Widget Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33692 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 734e2b75e9d6 Credits Joshua Chan Required privilege...

CVE-2024-3733

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajaxloadmore , eaelwoopaginationproductajax, and ajaxeaelproductgallery...

CVE-2024-3733

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajaxloadmore , eaelwoopaginationproductajax, and ajaxeaelproductgallery...

WordPress plugin Essential Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-27482 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.15 Description: The issue allows unauthenticated attackers to extract posts that may be in private or draft status due to Sensitive Information Exposur...

WordPress plugin Elespare 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

CVE-2024-32650

creationtimestamp| type| source ---|---|--- 2024-04-19 15:23:37+00:00| published-proof-of-concept| https://github.com/rustls/rustls/security/advisories/GHSA-6g7w-8wpp-frhj 2025-08-16 17:09:41+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lwjud4woks2g 2025-08-16...

Easy Custom Auto Excerpt < 2.5.0 - Sensitive Information Exposure

Description The Easy Custom Auto Excerpt plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.4.12. This makes it possible for unauthenticated attackers to obtain excerpts of password-protected posts...

CVE-2024-32549

Cross-Site Request Forgery CSRF vulnerability in Microkid Related Posts for WordPress allows Cross-Site Scripting XSS.This issue affects Related Posts for WordPress: from n/a through 4.0.3...

CVE-2024-32549 WordPress Related Posts for WordPress plugin <= 4.0.3 - CSRF to XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Microkid Related Posts for WordPress allows Cross-Site Scripting XSS.This issue affects Related Posts for WordPress: from n/a through 4.0.3...