321 matches found
CVE-2026-28108
CVE-2026-28108 is a Reflected Cross-Site Scripting vulnerability in the WordPress plugin LambertGroup – AllInOne, specifically the Banner with Thumbnails (all-in-one-thumbnailsBanner). Affected versions are listed as up to 3.8 (from n/a through
CVE-2026-28108 WordPress LambertGroup - AllInOne - Banner with Thumbnails plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Thumbnails all-in-one-thumbnailsBanner allows Reflected XSS.This issue affects LambertGroup - AllInOne - Banner with Thumbnails: from n/a through ...
CVE-2026-28108
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Thumbnails all-in-one-thumbnailsBanner allows Reflected XSS.This issue affects LambertGroup - AllInOne - Banner with Thumbnails: from n/a through ...
CVE-2026-28108 WordPress LambertGroup - AllInOne - Banner with Thumbnails plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Thumbnails all-in-one-thumbnailsBanner allows Reflected XSS.This issue affects LambertGroup - AllInOne - Banner with Thumbnails: from n/a through ...
PT-2026-23382
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Thumbnails all-in-one-thumbnailsBanner allows Reflected XSS.This issue affects LambertGroup - AllInOne - Banner with Thumbnails: from n/a through ...
WordPress LambertGroup - AllInOne - Banner with Thumbnails plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability
WordPress LambertGroup - AllInOne - Banner with Thumbnails plugin = 3.8 - Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin LambertGroup - AllInOne - Banner with Thumbnails versions = 3.8...
CVE-2026-24596
Cross-Site Request Forgery CSRF vulnerability in marynixie Related Posts Thumbnails Plugin for WordPress related-posts-thumbnails allows Cross Site Request Forgery.This issue affects Related Posts Thumbnails Plugin for WordPress: from n/a through = 4.3.2...
CVE-2026-24596
Cross-Site Request Forgery CSRF vulnerability in marynixie Related Posts Thumbnails Plugin for WordPress related-posts-thumbnails allows Cross Site Request Forgery.This issue affects Related Posts Thumbnails Plugin for WordPress: from n/a through = 4.3.2...
CVE-2026-24596 WordPress Related Posts Thumbnails plugin for WordPress plugin <= 4.3.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in marynixie Related Posts Thumbnails Plugin for WordPress related-posts-thumbnails allows Cross Site Request Forgery.This issue affects Related Posts Thumbnails Plugin for WordPress: from n/a through = 4.3.2...
CVE-2026-24596
Cross-Site Request Forgery CSRF vulnerability in marynixie Related Posts Thumbnails Plugin for WordPress related-posts-thumbnails allows Cross Site Request Forgery.This issue affects Related Posts Thumbnails Plugin for WordPress: from n/a through = 4.3.1...
CVE-2026-24596 WordPress Related Posts Thumbnails plugin for WordPress plugin <= 4.3.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in marynixie Related Posts Thumbnails Plugin for WordPress related-posts-thumbnails allows Cross Site Request Forgery.This issue affects Related Posts Thumbnails Plugin for WordPress: from n/a through = 4.3.2...
CVE-2026-24596
CVE-2026-24596 is a CSRF vulnerability in the WordPress plugin Related Posts Thumbnails (versions up to 4.3.1). The issue allows Cross-Site Request Forgery, affecting the Related Posts Thumbnails Plugin for WordPress from an unspecified early version to 4.3.1. The CVE entry provides a CVSS v3.1 b...
PT-2026-4431
Name of the Vulnerable Software and Affected Versions Related Posts Thumbnails Plugin for WordPress versions through 4.3.1 Description The Related Posts Thumbnails Plugin for WordPress is susceptible to a Cross-Site Request Forgery issue. This allows attackers to potentially perform actions on...
WordPress Plugin: Related Posts Thumbnails Plugin for WordPress – Security Vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress Related Posts Thumbnails Plugin for WordPress plugin <= 4.3.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Carlos Ferreira in WordPress Plugin Related Posts Thumbnails Plugin for WordPress versions = 4.3.2...
CVE-2023-49851
Missing Authorization vulnerability in ILMDESIGNS Square Thumbnails allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square Thumbnails: from n/a through 1.1.1...
CVE-2025-13794
CVE-2025-13794 affects the Auto Featured Image (Auto Post Thumbnail) WordPress plugin. Versions up to and including 4.2.1 are vulnerable due to a missing capability check in bulk_action_generate_handler, enabling an authenticated user with Contributor-level access or higher to delete or generate ...
WordPress Auto Featured Image plugin <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification vulnerability
Missing Authorization to Authenticated Contributor+ Post Thumbnail Modification vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin Auto Featured Image Auto Post Thumbnail versions = 4.2.1...
CVE-2025-62614
BookLore is a self-hosted web app for organizing and managing personal book collections. In versions 1.8.1 and prior, an authentication bypass vulnerability in the BookMediaController allows any unauthenticated user to access and download book covers, thumbnails, and complete PDF/CBX page content...
EUVD-2025-35633
BookLore is a self-hosted web app for organizing and managing personal book collections. In versions 1.8.1 and prior, an authentication bypass vulnerability in the BookMediaController allows any unauthenticated user to access and download book covers, thumbnails, and complete PDF/CBX page content...