14 matches found
CVE-2025-11758
The All in One Time Clock Lite plugin for WordPress is vulnerable to unauthorized access due to a missing authorization check in all versions up to, and including, 2.0.3. This is due to the plugin exposing admin-level AJAX actions to unauthenticated users via wpajaxnopriv hooks, while relying onl...
CVE-2025-10701
The Time Clock – A WordPress Employee & Volunteer Time Clock Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data' parameter in all versions up to, and including, 1.3.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This...
WordPress plugin Time Clock 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2025-10701
The Time Clock – A WordPress Employee & Volunteer Time Clock Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data' parameter in all versions up to, and including, 1.3.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This...
CVE-2025-10701
The Time Clock WordPress plugin is affected by CVE-2025-10701: a stored cross-site scripting vulnerability in the data parameter, present in all versions up to 1.3.1 due to insufficient input sanitization/output escaping. Exploitation requires authenticated access with Time Clock user credentials...
CVE-2025-10701 Time Clock – A WordPress Employee & Volunteer Time Clock Plugin <= 1.3.1 - Authenticated (Custom+) Stored Cross-Site Scripting
The Time Clock – A WordPress Employee & Volunteer Time Clock Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data' parameter in all versions up to, and including, 1.3.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This...
EUVD-2025-35818
The Time Clock – A WordPress Employee & Volunteer Time Clock Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data' parameter in all versions up to, and including, 1.3.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This...
CVE-2025-10701 Time Clock – A WordPress Employee & Volunteer Time Clock Plugin <= 1.3.1 - Authenticated (Custom+) Stored Cross-Site Scripting
The Time Clock – A WordPress Employee & Volunteer Time Clock Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data' parameter in all versions up to, and including, 1.3.1. This is due to insufficient input sanitization and output escaping on user supplied attributes. This...
PT-2025-43585
Name of the Vulnerable Software and Affected Versions The Time Clock – A WordPress Employee & Volunteer Time Clock Plugin for WordPress versions prior to 1.3.2 Description The software is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping of...
CVE-2024-9593
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute code on t...
CVE-2024-9593
The Time Clock plugin and Time Clock Pro plugin for WordPress are vulnerable to Remote Code Execution in versions up to, and including, 1.2.2 for Time Clock and 1.1.4 for Time Clock Pro via the 'etimeclockwploadfunctioncallback' function. This allows unauthenticated attackers to execute code on t...
CVE-2024-9593
CVE-2024-9593 affects WordPress plugins Time Clock (<= 1.2.2) and Time Clock Pro (
Exploit for Code Injection in Wpplugin Time_Clock
CVE-2024-9593 Time Clock = 1.2.2 & Time Clock Pro...
PT-2024-9994 · WordPress · Time Clock +1
Name of the Vulnerable Software and Affected Versions: Time Clock plugin versions up to 1.2.2 Time Clock Pro plugin versions up to 1.1.4 Description: The issue concerns the etimeclockwp load function callback function, which is related to improper management of code generation. This allows...