CVE-2026-1916

The WPGSI: Spreadsheet Integration plugin for WordPress is vulnerable to unauthorized modification and loss of data due to missing capability checks and an insecure authentication mechanism on the wpgsicallBackFuncAccept and wpgsicallBackFuncUpdate REST API functions in all versions up to, and...

CVE-2026-1916

The CVE concerns the WPGSI: Spreadsheet Integration WordPress plugin (up to version 3.8.3). The vulnerability arises from missing authorization on two REST API functions (wpgsi_callBackFuncAccept and wpgsi_callBackFuncUpdate), where permission_callback => '__return_true' allows unauthenticated...

CVE-2026-1916 WPGSI: Spreadsheet Integration <= 3.8.3 - Missing Authorization to Unauthenticated Arbitrary Post Creation and Deletion via Forged Base64 Token

The WPGSI: Spreadsheet Integration plugin for WordPress is vulnerable to unauthorized modification and loss of data due to missing capability checks and an insecure authentication mechanism on the wpgsicallBackFuncAccept and wpgsicallBackFuncUpdate REST API functions in all versions up to, and...

WordPress WPGSI: Spreadsheet Integration plugin <= 3.8.3 - Missing Authorization to Unauthenticated Arbitrary Post Creation and Deletion via Forged Base64 Token vulnerability

Missing Authorization to Unauthenticated Arbitrary Post Creation and Deletion via Forged Base64 Token vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - cyberdogzmarketing.com | krei.dev | ogbuilders.io in WordPress Plugin Spreadsheet Integration – Automate Google Sheets With WordPress...

WordPress plugin WPGSI: Spreadsheet Integration 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

EUVD-2024-47655

Malicious code in bioql PyPI...

CVE-2025-1463

The Spreadsheet Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.2. This is due to improper nonce validation within the class-wpgsi-show.php script. This makes it possible for unauthenticated attackers to publish arbitrary post...

CVE-2025-1463 Spreadsheet Integration <= 3.8.2 - Cross-Site Request Forgery to Arbitrary Post Publish

The Spreadsheet Integration plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.2. This is due to improper nonce validation within the class-wpgsi-show.php script. This makes it possible for unauthenticated attackers to publish arbitrary post...

WordPress plugin Spreadsheet Integration 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...

WordPress Spreadsheet Integration plugin <= 3.8.2 - Cross-Site Request Forgery to Arbitrary Post Publish vulnerability

Cross-Site Request Forgery to Arbitrary Post Publish vulnerability discovered by Krzysztof Zając in WordPress Plugin Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. versions = 3.8.2...

CVE-2024-6590

The Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to...

CVE-2024-6590

The Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to...

CVE-2024-6590

CVE-2024-6590 affects the WordPress plugin “Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table.” The vulnerability is a missing capability check in multiple functions in all versions up to and including 3...

CVE-2024-6590 Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to...

CVE-2024-6590 Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Also, Display Google sheet as a Table. plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to...

WordPress plugin Spreadsheet Integration 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Spreadsheet Integration plugin <= 3.8.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Update vulnerability discovered by Lucio Sá in WordPress Plugin Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. versions = 3.8.0...

PT-2024-37742 · WordPress · Spreadsheet Integration Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: The Spreadsheet Integration plugin for WordPress versions up to, and including, 3.7.9 Description: The issue is related to a missing capability check on several functions, allowing authenticated attackers with Subscriber-level access and abov...

WordPress Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Plugin <= 3.7.8 is vulnerable to Cross Site Scripting (XSS)

Software Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. Type Plugin Vulnerable versions = 3.7.8 Fixed in 3.7.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Mediu...

WordPress Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins plugin <= 3.6.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Spreadsheet Integration – Automate Google Sheets With WordPress, WooCommerce & Most Popular Form Plugins. plugin versions = 3.6.0. Solution Update the WordPress Spreadsheet Integration – Automate Google Sheets With WordPress,...