7 matches found
PT-2025-33430 · WordPress · B Slider- Gutenberg Slider Block
Name of the Vulnerable Software and Affected Versions: B Slider- Gutenberg Slider Block for WP plugin for WordPress versions prior to 2.0.0
Description: The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vulnerable to Server-Side Request Forgery via the fs api request function...
CVE-2023-5436
The Vertical marquee plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 7.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2023-28418
Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Yudlee themes Mediciti Lite theme = 1.3.0 versions...
CVE-2023-28493
Auth. (subscriber+) Reflected Cross-Site Scripting (XSS) vulnerability in Macho Themes NewsMag theme = 2.4.4 versions...
CVE-2022-41609
Auth. (subscriber+) Server-Side Request Forgery (SSRF) vulnerability in Better Messages plugin 1.9.10.68 on WordPress...
PT-2022-27402 · WordPress · Betheme
Name of the Vulnerable Software and Affected Versions: Betheme theme versions = 26.5.1.4
Description: The issue is related to an authentication bypass vulnerability, specifically a PHP Object Injection vulnerability, affecting the Betheme theme on WordPress. It requires authentication as a...
VulnCheck KEV: CVE-2022-45077
Auth. (subscriber+) PHP Object Injection vulnerability in Betheme theme = 26.5.1.4 on WordPress...