22 matches found
CVE-2026-54833
CVE-2026-54833 concerns the WordPress Enable CORS plugin
CVE-2026-24545 WordPress QR Redirector plugin <= 2.0.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Nikki Blight QR Redirector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects QR Redirector: from n/a through 2.0.3...
CVE-2025-65482
An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...
CVE-2025-65482
An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...
PT-2026-3152
Name of the Vulnerable Software and Affected Versions Laravel Valet versions 1.1.4 through 2.0.3 Description Laravel Valet versions 1.1.4 to 2.0.3 have a local privilege escalation issue. An attacker can modify the valet command to execute arbitrary code with root permissions without needing...
CVE-2025-67628
CVE-2025-67628 is an XSS vulnerability described as an improper neutralization of input during web page generation in the WordPress plugin Review Disclaimer – AMP-MODE. Affected range is Review Disclaimer: from n/a through
PT-2025-53244
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in AMP-MODE Review Disclaimer review-disclaimer allows Stored XSS.This issue affects Review Disclaimer: from n/a through = 2.0.3...
CVE-2025-67561
Missing Authorization vulnerability in Oleksandr Lysyi Debug Log Viewer debug-log-viewer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Debug Log Viewer: from n/a through = 2.0.3...
EUVD-2023-32605
Malicious code in bioql PyPI...
WordPress plugin Multi CryptoCurrency Payments SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
PT-2025-4955 · Unknown · Wow Best Css Compiler
Name of the Vulnerable Software and Affected Versions: WOW Best CSS Compiler versions prior to 2.0.3 Description: The issue is related to improper neutralization of input during web page generation, which allows reflected Cross-site Scripting XSS. This enables attackers to inject malicious script...
WordPress ContestsWP plugin <= 2.0.3 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Run Contests, Raffles, and Giveaways with ContestsWP versions = 2.0.3...
PT-2024-34302 · Unknown · Woocommerce +1
Name of the Vulnerable Software and Affected Versions: Plug your WooCommerce into the largest catalog of customized print products from Helloprint versions n/a through 2.0.2 Description: The issue allows an attacker to upload a web shell to a web server due to an unrestricted upload of file with...
CVE-2023-45751
Improper Control of Generation of Code 'Code Injection' vulnerability in POSIMYTH Nexter Extension.This issue affects Nexter Extension: from n/a through 2.0.3...
CVE-2023-47672
Cross-Site Request Forgery CSRF vulnerability in Swashata WP Category Post List Widget.This issue affects WP Category Post List Widget: from n/a through 2.0.3...
PT-2023-30436 · Microweber · Microweber Cms
Name of the Vulnerable Software and Affected Versions: Microweber CMS versions 2.0.1 through 2.0.2 Description: The issue is related to stored Cross Site Scripting XSS via the profile picture file upload functionality. This allows an attacker to inject malicious scripts into the website,...
CVE-2023-45657
A vulnerability in posimyththemes Nexter nexter.This issue affects Nexter: from n/a through = 2.0.3...
CVE-2023-39155
Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it...
CVE-2023-22688
Cross-Site Request Forgery CSRF vulnerability in Abdul Ibad WP Tabs Slides plugin = 2.0.3 versions...
PT-2022-24957 · Tasklists · Tasklists
Name of the Vulnerable Software and Affected Versions: tasklists versions prior to 2.0.3 Description: The issue allows for Cross-site Scripting XSS where an attacker can create XSS in task content when adding it. There are no known workarounds for this issue. Recommendations: For versions prior t...