11 matches found
EUVD-2023-29437
Malicious code in bioql PyPI...
CVE-2022-4827
The WP Tiles WordPress plugin through 1.1.2 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2025-25073 WordPress Easy WP Tiles plugin <= 1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vasilis Triantafyllou Easy WP Tiles easy-wp-tiles allows Stored XSS. This issue affects Easy WP Tiles: from n/a through <= 1...
CVE-2023-25482
Cross-Site Request Forgery (CSRF) vulnerability in Mike Martel WP Tiles plugin <= 1.1.2 versions...
CVE-2023-25482
Cross-Site Request Forgery (CSRF) vulnerability in Mike Martel WP Tiles plugin <= 1.1.2 versions...
CVE-2023-25482 WordPress WP Tiles Plugin <= 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Mike Martel WP Tiles plugin <= 1.1.2 versions...
CVE-2023-25482
CVE-2023-25482 is a CSRF vulnerability in the WordPress plugin WP Tiles (Mike Martel) affecting versions
PT-2023-20101 · WordPress · Mike Martel Wp Tiles
Name of the Vulnerable Software and Affected Versions: Mike Martel WP Tiles plugin versions 1.1.2 and earlier. Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a...
WordPress WP Tiles Plugin <= 1.1.2 is vulnerable to Sensitive Data Exposure
Software: WP Tiles; Type: Plugin; Vulnerable versions: <= 1.1.2; Fixed in: N/A; OWASP Top 10: A3: Sensitive Data Exposure; Classification: Sensitive Data Exposure; CVE: CVE-2023-1426; Patch priority: Medium; CVSS severity: Medium 4.3; Developer: Claim ownership; PSID: 0ecd1ecdc31a; Credits: Erwan LR WPScan; Required...
CVE-2023-1426 WP Tiles <= 1.1.2 - Subscriber+ Draft/Private Post Title Disclosure
The WP Tiles WordPress plugin through 1.1.2 does not ensure that posts to be displayed are not draft/private, allowing any authenticated user, such as a subscriber, to retrieve the titles of draft and private posts, for example. An attacker could also retrieve the title of any other type of post...
PT-2023-15659 · WordPress · Wp Tiles
Name of the Vulnerable Software and Affected Versions: WP Tiles WordPress plugin versions 1.1.2 and earlier Description: The issue concerns the WP Tiles WordPress plugin, which does not properly validate and escape certain shortcode attributes before outputting them in a page or post. This could...