CVE-2022-44738
CVE-2022-44738 relates to the WordPress Posts and Users Stats plugin (
CVE-2023-5506
The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmapdeleteareaajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...
PT-2023-14543 · Unknown · Posts/Users Stats
Name of the Vulnerable Software and Affected Versions: Posts and Users Stats versions 1.1.3 and earlier
Description: The issue is related to the improper neutralization of formula elements in a CSV file, which affects Posts and Users Stats.
Recommendations: For versions 1.1.3 and earlier, update ...
WordPress Plugin Posts and Users Stats Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an...
wpDiscuz < 7.6.11 - Insufficient Authorization to Comment Submission on Deleted Posts
Description: The plugin is vulnerable to unauthorized modification of data due to insufficient validation on the comment functionality, making it possible for unauthenticated attackers to leave comments on trashed posts...
Code injection
The Templately WordPress plugin before 2.2.6 does not properly authorize the saved-templates/delete REST API call, allowing unauthenticated users to delete arbitrary posts...
CVE-2023-5454 Templately < 2.2.6 - Arbitrary post trashing via Missing Authorization
The Templately WordPress plugin before 2.2.6 does not properly authorize the saved-templates/delete REST API call, allowing unauthenticated users to delete arbitrary posts...
CVE-2023-46778
A vulnerability in TheFreeWindows Auto Limit Posts Reloaded auto-limit-posts-reloaded. This issue affects Auto Limit Posts Reloaded: from n/a through <= 2.5...
CVE-2023-46778
Cross-Site Request Forgery (CSRF) vulnerability in TheFreeWindows Auto Limit Posts Reloaded plugin <= 2.5 versions...
CVE-2023-46778
CVE-2023-46778 is a CSRF vulnerability in the WordPress plugin Auto Limit Posts Reloaded affecting versions
CVE-2023-46778 WordPress Auto Limit Posts Reloaded Plugin <= 2.5 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in TheFreeWindows Auto Limit Posts Reloaded plugin <= 2.5 versions...
PT-2023-30207 · Unknown · Thefreewindows Auto Limit Posts Reloaded
Name of the Vulnerable Software and Affected Versions: TheFreeWindows Auto Limit Posts Reloaded plugin versions <= 2.5
Description: A Cross-Site Request Forgery (CSRF) issue affects the plugin, allowing unauthorized actions to be performed on behalf of a user without their knowledge.
Recommendations...
CVE-2023-32508
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolf van Gelder Order Your Posts Manually allows SQL Injection. This issue affects Order Your Posts Manually: from n/a through 2.2.5...
SQL injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rolf van Gelder Order Your Posts Manually allows SQL Injection. This issue affects Order Your Posts Manually: from n/a through 2.2.5...
CVE-2023-32508
CVE-2023-32508 targets WordPress plugin Order Your Posts Manually (v
CVE-2022-46818
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gopi Ramasamy Email posts to subscribers allows SQL Injection. This issue affects Email posts to subscribers: from n/a through 6.2...
SQL injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Gopi Ramasamy Email posts to subscribers allows SQL Injection. This issue affects Email posts to subscribers: from n/a through 6.2...