PT-2025-7723 · Unknown · Photo Gallery

Name of the Vulnerable Software and Affected Versions: Photo Gallery Responsive versions prior to 4.0 Description: A Cross-Site Request Forgery CSRF issue allows Privilege Escalation. This issue enables an attacker to perform actions on behalf of another user without their knowledge or consent...

WordPress WP Responsive Auto Fit Text plugin <= 0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin WP Responsive Auto Fit Text versions = 0.2...

CVE-2025-26774

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rock Solid Responsive Modal Builder for High Conversion – Easy Popups easy-popups allows Reflected XSS.This issue affects Responsive Modal Builder for High Conversion – Easy Popups: from n/a throug...

CVE-2025-26763 WordPress Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider Plugin <= 3.94.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through = 3.94.0...

WordPress plugin Responsive Slider by MetaSlider 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

PT-2025-7611 · Unknown · Metaslider Responsive Slider

Name of the Vulnerable Software and Affected Versions: MetaSlider Responsive Slider versions up to 3.94.0 Description: The issue is related to the deserialization of untrusted data, which allows Object Injection. This poses a significant cyber threat. Recommendations: For versions up to 3.94.0,...

WordPress plugin Responsive Modal Builder for High Conversion – Easy Popups 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Responsive Modal...

CVE-2025-1543 iteachyou Dreamer CMS ueditor-1.4.3.3 path traversal

A vulnerability, which was classified as problematic, has been found in iteachyou Dreamer CMS 4.1.3. This issue affects some unknown processing of the file /resource/js/ueditor-1.4.3.3. The manipulation leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed ...

CVE-2024-13353 Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates <= 1.6.4 - Authenticated (Contributor+) Local File Inclusion

The Responsive Addons for Elementor – Free Elementor Addons Plugin and Elementor Templates plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.6.4 via several widgets. This makes it possible for authenticated attackers, with Contributor-level access...

CVE-2024-13660

The Responsive Flickr Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fshow' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress plugin Responsive Addons for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Responsive Addons for Elementor plugin <= 1.6.4 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by stealthcopter in WordPress Plugin Responsive Addons for Elementor versions = 1.6.4...

CVE-2024-13660 Responsive Flickr Slideshow <= 2.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Responsive Flickr Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fshow' shortcode in all versions up to, and including, 2.6.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-13660

CVE-2024-13660 affects the WordPress plugin Responsive Flickr Slideshow (slug flickr-slideshow-wrapper). It is a Stored XSS in the fshow shortcode across all versions up to 2.6.1, exploitable by authenticated attackers with contributor+ privileges to inject scripts that run when users view inject...

WordPress plugin Responsive Flickr Slideshow 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

WordPress Responsive Plus plugin <= 3.1.4 - Authenticated (Contributor+) Blind Server-Side Request Forgery via remote_request vulnerability

Authenticated Contributor+ Blind Server-Side Request Forgery via remoterequest vulnerability discovered by Francesco Carlucci in WordPress Plugin Responsive Plus versions = 3.1.4...

CVE-2024-13834

The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.4 via the 'remoterequest' function. This makes it possible for authenticated attacker...

CVE-2025-26558

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mkkmail Aparat Responsive aparat-responsive allows DOM-Based XSS.This issue affects Aparat Responsive: from n/a through = 1.3...

CVE-2025-26543

Cross-Site Request Forgery CSRF vulnerability in Pukhraj Suthar Simple Responsive Menu simple-responsive-menu allows Stored XSS.This issue affects Simple Responsive Menu: from n/a through = 2.1...

CVE-2024-13834 Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme <= 3.1.4 - Authenticated (Contributor+) Blind Server-Side Request Forgery via remote_request

The Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 3.1.4 via the 'remoterequest' function. This makes it possible for authenticated attacker...