9 matches found
WordPress plugin Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2025-12934 Beaver Builder – WordPress Page Builder <= 2.9.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update
The Beaver Builder – WordPress Page Builder plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'duplicatewpmllayout' function in all versions up to, and including, 2.9.4.1. This makes it possible for authenticated attackers,...
EUVD-2015-3287
Malware in sbrugna...
EUVD-2021-31835
Malicious code in bioql PyPI...
CVE-2021-24819
The Page/Post Content Shortcode WordPress plugin through 1.0 does not have proper authorisation in place, allowing users with a role as low as contributor to access draft/private/password protected/trashed posts/pages they should not be allowed to, including posts created by other users such as...
PT-2025-19796 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions 3.5.0.beta4 before commit 82d84af6b0efbd9fa2aeec3e91ce7be1a768511b Description: A data leak issue affects Discourse, an open-source community platform, allowing some content on the site's homepage to be visible to...
WordPress plugin Royal Elementor Addons and Templates security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers.WordPress plugin is an...
Discourse Access Control Error Vulnerability
Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. Discourse suffers from an Access Control Error vulnerability that originates from allowing unauthorized attackers to view private content via the /polls/groupedpollresults...
CVE-2012-3385
WordPress before 3.4.1 does not properly restrict access to post contents such as private or draft posts, which allows remote authors or contributors to obtain sensitive information via unknown vectors...