4 matches found
CVE-2026-50280
Craft CMS contains an authorization bypass in the entries/move-to-section endpoint (EntriesController::actionMoveToSection). In versions 5.0.0-RC1 through below 5.9.21, destination section gate relies only on viewEntries:$section->uid instead of requiring saveEntries permission; source entry p...
PT-2026-1712
Name of the Vulnerable Software and Affected Versions WP Table Builder – Drag & Drop Table Builder plugin for WordPress versions up to and including 2.0.19 Description The WP Table Builder – Drag & Drop Table Builder plugin for WordPress has a flaw where data can be modified without proper...
PT-2024-18137 · WordPress · Redirects Plugin For Wordpress
Name of the Vulnerable Software and Affected Versions: The Redirects plugin for WordPress versions up to, and including, 1.2.1 Description: The issue is related to a missing capability check on the save function, allowing unauthorized modification of data. This could enable unauthenticated...
WordPress Plugin WPCS – WordPress Currency Switcher Professional 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin WPCS - A...