2 matches found
EUVD-2026-43131
The Notification for Telegram plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.5.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...
CVE-2025-13068
CVE-2025-13068 concerns the WordPress plugin Telegram Bot & Channel . The vulnerability is an unauthenticated Stored Cross-Site Scripting (XSS) via the Telegram username, affecting all versions up to and including 4.1 due to insufficient input sanitization and output escaping. Wordfence details t...