6232 matches found

CVE
added 2024/04/17 8:07 a.m. · 61 views

CVE-2024-32549

CVE-2024-32549 is a CSRF-to-XSS vulnerability in the WordPress plugin “Microkid Related Posts” that can affect sites using the plugin up to version 4.0.3. The connected Red Hat entry confirms the issue as a CSRF vulnerability that enables XSS in Related Posts for WordPress. The CVSS 3.1 vector fr...

CVSS 7.1 · AI score 5.1 · EPSS 0.00244
Exploits: 0 · References: 1

Patchstack
added 2024/04/17 3:32 a.m. · 5 views

WordPress WP Show Posts plugin <= 1.1.5 - Improper Authorization to Information Exposure vulnerability

Improper Authorization to Information Exposure vulnerability discovered by Lucio Sá in WordPress Plugin WP Show Posts versions <= 1.1.5...

CVSS 4.3 · AI score 6.9 · EPSS 0.00375
Exploits: 0 · References: 1 · Affected Software: 1

WPVulnDB
added 2024/04/17 12:00 a.m. · 17 views

WP Meta SEO < 4.5.13 - Unauthenticated Password Protected Content Access

Description: The plugin is vulnerable to Sensitive Information Exposure via the meta description, allowing unauthenticated attackers to disclose potentially sensitive information via the meta description of password-protected posts...

CVSS 5.3 · AI score 6.3 · EPSS 0.00438
Exploits: 0 · References: 1 · Affected Software: 1

Positive Technologies
added 2024/04/17 12:00 a.m. · 5 views

PT-2024-24669 · WordPress · Microkid Related Posts

Name of the Vulnerable Software and Affected Versions: Microkid Related Posts for WordPress versions n/a through 4.0.3. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Cross-Site Scripting (XSS) in Microkid Related Posts for WordPress. Recommendations: For...

CVSS 7.1 · AI score 6.2 · EPSS 0.00244
Exploits: 0 · References: 4

WPVulnDB
added 2024/04/17 12:00 a.m. · 43 views

WP Show Posts < 1.1.6 - Improper Authorization to Information Exposure

Description: The WP Show Posts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with subscriber access and above, to view...

CVSS 4.3 · AI score 6.5 · EPSS 0.00375
Exploits: 0 · References: 1 · Affected Software: 1

Patchstack
added 2024/04/17 12:00 a.m. · 19 views

WordPress WP Show Posts Plugin <= 1.1.5 is vulnerable to Sensitive Data Exposure

Software: WP Show Posts; Type: Plugin; Vulnerable versions: <= 1.1.5; Fixed in: 1.1.6; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: CVE-2023-6731; Patch priority: Low; CVSS severity: Low (4.3); PSID: 0bc24cb2903a; Credits: Lucio Sá; Required privilege...

CVSS 4.3 · AI score 6.5 · EPSS 0.00375
Exploits: 0 · References: 3 · Affected Software: 1

Circl
added 2024/04/16 8:46 a.m. · 28 views

CVE-2024-31497

creationtimestamp | type | source
---|---|---
2024-04-16 08:46:23+00:00 | seen | https://t.me/habrcomnews/26965
2024-04-16 14:06:21+00:00 | seen | https://t.me/KomunitiSiber/1793
2024-04-16 14:12:39+00:00 | seen | https://t.me/RedTeamFeed/267
2024-04-16 14:49:01+00:00 | seen | ...

CVSS 5.9 · AI score 7.1 · EPSS 0.05773
Exploits: 0 · References: 36

Patchstack
added 2024/04/15 3:09 p.m. · 5 views

WordPress Related Posts for WordPress plugin <= 4.0.3 - CSRF to XSS vulnerability

CSRF to XSS vulnerability discovered by Dimas Maulana (Patchstack Alliance) in WordPress Plugin Related Posts for WordPress versions <= 4.0.3...

CVSS 7.1 · AI score 6.4 · EPSS 0.00244
Exploits: 0 · Affected Software: 1

Patchstack
added 2024/04/15 11:55 a.m. · 8 views

WordPress Meta Box plugin < 5.9.4 - Contributor+ Arbitrary Posts Custom Field Disclosure vulnerability

Contributor+ Arbitrary Posts Custom Field Disclosure vulnerability discovered by Scott Kingsley Clark in WordPress Plugin Meta Box – WordPress Custom Fields Framework versions < 5.9.4...

CVSS 4.3 · AI score 8.5 · EPSS 0.00501
Exploits: 2 · References: 1 · Affected Software: 1

Patchstack
added 2024/04/15 11:03 a.m. · 4 views

WordPress Combo Blocks plugin < 2.2.76 - Unauthenticated Password Protected Posts Access vulnerability

Unauthenticated Password Protected Posts Access vulnerability discovered by Krzysztof Zając (CERT PL) in WordPress Plugin Post Grid and Gutenberg Blocks versions < 2.2.76...

CVSS 5.4 · AI score 7 · EPSS 0.16906
Exploits: 2 · References: 1 · Affected Software: 1

NVD
added 2024/04/15 10:15 a.m. · 10 views

CVE-2024-31426

Cross-Site Request Forgery (CSRF) vulnerability in Data443 Inline Related Posts. This issue affects Inline Related Posts: from n/a through 3.3.1...

CVSS 4.3 · AI score 4.6 · EPSS 0.002
Exploits: 0 · References: 1

CVE
added 2024/04/15 10:00 a.m. · 56 views

CVE-2024-31426

Technical details about CVE-2024-31426 are not provided in the supplied documents. The entry describes a CSRF in Data443 Inline Related Posts (up to 3.3.1) with no exploitation data or remediation details; monitor for updates.

CVSS 4.3 · AI score 5.1 · EPSS 0.002
Exploits: 0 · References: 1

Cvelist
added 2024/04/15 10:00 a.m. · 18 views

CVE-2024-31426 WordPress Inline Related Posts plugin <= 3.3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Data443 Inline Related Posts. This issue affects Inline Related Posts: from n/a through 3.3.1...

CVSS 4.3 · AI score 4.9 · EPSS 0.002
Exploits: 0 · References: 1

Vulnrichment
added 2024/04/15 10:00 a.m. · 16 views

CVE-2024-31426 WordPress Inline Related Posts plugin <= 3.3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in Data443 Inline Related Posts. This issue affects Inline Related Posts: from n/a through 3.3.1...

CVSS 4.3 · AI score 5.1 · EPSS 0.002
Exploits: 0 · References: 1

Patchstack
added 2024/04/15 9:08 a.m. · 5 views

WordPress Inline Related Posts plugin < 3.6.0 - Subscriber+ Password Protected Post Read vulnerability

Subscriber+ Password Protected Post Read vulnerability discovered by Krzysztof Zając (CERT PL) in WordPress Plugin Inline Related Posts versions < 3.6.0...

CVSS 4.3 · AI score 7 · EPSS 0.00427
Exploits: 2 · References: 1 · Affected Software: 1

OSV
added 2024/04/15 5:15 a.m. · 3 views

CVE-2024-1204

The Meta Box WordPress plugin before 5.9.4 does not prevent users with at least the contributor role from accessing arbitrary custom fields assigned to other users' posts...

CVSS 4.3 · AI score 7.4 · EPSS 0.00501
Exploits: 2 · References: 1

Cvelist
added 2024/04/15 5:00 a.m. · 23 views

CVE-2024-1204 Meta Box < 5.9.4 - Contributor+ Arbitrary Posts' Custom Field Disclosure

The Meta Box WordPress plugin before 5.9.4 does not prevent users with at least the contributor role from accessing arbitrary custom fields assigned to other users' posts...

AI score 6.8 · EPSS 0.00501
Exploits: 2 · References: 1

GithubExploit
added 2024/04/15 3:28 a.m. · 404 views

Exploit for Improper Input Validation in Paloaltonetworks Pan-Os

CVE-2024-3400 Compromise Checker: A very simple bash script to...

CVSS 10 · AI score 9.9 · EPSS 0.99999
Exploits: 43

Positive Technologies
added 2024/04/15 12:00 a.m. · 5 views

PT-2024-24067 · Data443 · Data443 Inline Related Posts

Name of the Vulnerable Software and Affected Versions: Data443 Inline Related Posts versions 3.3.1 and earlier. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

CVSS 4.3 · AI score 6.5 · EPSS 0.002
Exploits: 0 · References: 4

CNNVD
added 2024/04/15 12:00 a.m. · 3 views

WordPress Plugin Meta Box Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS 4.3 · AI score 8.2 · EPSS 0.00501
Exploits: 2 · References: 2