572 matches found
WordPress Lafka Plugin plugin <= 7.1.0 - Missing Authorization to Authenticated (Subscriber+) Theme Option Update vulnerability
Missing Authorization to Authenticated Subscriber+ Theme Option Update vulnerability discovered by István Márton in WordPress Plugin Lafka Plugin versions = 7.1.0...
WordPress RDP Wiki Embed plugin <= 1.2.20 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin RDP Wiki Embed versions = 1.2.20...
WordPress DirectoryPress Plugin <= 3.6.22 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by thiennv in WordPress Plugin DirectoryPress versions = 3.6.22...
WordPress MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin <= 5.9.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar versions = 5.9.4...
WordPress Privyr CRM plugin <= 1.0.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Privyr CRM Integration versions = 1.0.2...
WordPress Motors plugin <= 1.4.71 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k in WordPress Plugin Motors versions = 1.4.71...
WordPress TextMe SMS plugin <= 1.9.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Aiden in WordPress Plugin TextMe SMS versions = 1.9.1...
WordPress Small Package Quotes – Worldwide Express Edition plugin <= 5.2.19 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mika in WordPress Plugin Small Package Quotes – Worldwide Express Edition versions = 5.2.19...
WordPress WooTumblog plugin <= 2.1.4 - Content Injection vulnerability
Content Injection vulnerability discovered by Mika in WordPress Plugin WooTumblog versions = 2.1.4...
CVE-2025-21973
creationtimestamp| type| source ---|---|--- 2025-04-01 19:45:19+00:00| published-proof-of-concept| https://t.me/cvedetector/21797...
WordPress Material Dashboard plugin <= 1.4.5 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin Material Dashboard versions = 1.4.5...
WordPress Countdown & Clock plugin <=2.8.8 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by astra.r3verii in WordPress Plugin Countdown & Clock versions = 2.8.8...
WordPress Hyperlink Group Block plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Hyperlink Group Block versions = 2.0.1...
WordPress Directorist AddonsKit for Elementor plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Khalid Yusuf in WordPress Plugin Directorist AddonsKit for Elementor versions = 1.1.6...
WordPress Nova Blocks by Pixelgrade plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Nova Blocks versions = 2.1.8...
WordPress Boo Recipes plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Boo Recipes versions = 2.4.1...
WordPress News, Magazine and Blog Elements Plugin <= 1.3 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin News, Magazine and Blog Elements versions = 1.3...
WordPress Small Package Quotes – Worldwide Express Edition plugin <= 5.2.18 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Small Package Quotes – Worldwide Express Edition versions = 5.2.18...
WordPress Themify Folo Theme <= 1.9.6 is vulnerable to Cross Site Scripting (XSS)
Software Themify Folo Type Theme Vulnerable versions = 1.9.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-31013 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6a066edc64f9 Credits Tran Nguyen Bao Khanh VCI - VNPT Cyber...
CVE-2022-4678
creationtimestamp| type| source ---|---|--- 2025-03-21 17:19:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8383...