WordPress Tourfic Plugin <= 2.11.7 - Cross-Site Scripting

The Tourfic plugin for WordPress is vulnerable to Reflected Cross-Site Scripting XSS in versions up to and including 2.11.7 due to insufficient input sanitization and output escaping in the 'place' parameter. id: CVE-2024-29137 info: name: WordPress Tourfic Plugin = 2.11.7 - Cross-Site Scripting...

CVE-2026-39543

Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: from n/a through = 2.21.4...

EUVD-2026-20199

Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: from n/a through = 2.21.4...

CVE-2026-39543

Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: from n/a through = 2.21.4...

CVE-2026-39543 WordPress Tourfic plugin <= 2.21.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: from n/a through = 2.21.4...

CVE-2026-39543

CVE-2026-39543 affects the WordPress Tourfic plugin (versions

CVE-2026-39543

Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: from n/a through = 2.21.4...

CVE-2026-39543 WordPress Tourfic plugin <= 2.21.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: from n/a through = 2.21.4...

WordPress plugin Tourfic 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

PT-2026-31150

CVE-2026-39543 Missing Authorization vulnerability in Themefic Tourfic tourfic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tourfic: fr… https://t.co/hCHVJGngBw...

WordPress Tourfic plugin <= 2.21.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Tourfic versions = 2.21.4...

EUVD-2024-26173

Malicious code in bioql PyPI...

EUVD-2024-26170

Malicious code in bioql PyPI...

EUVD-2024-55009

Malicious code in bioql PyPI...

EUVD-2025-3848

Malicious code in bioql PyPI...

EUVD-2024-26171

Malicious code in bioql PyPI...

EUVD-2024-49087

Malicious code in bioql PyPI...

EUVD-2024-50547

Malicious code in bioql PyPI...

EUVD-2024-26172

Malicious code in bioql PyPI...

CVE-2024-8860

The Tourfic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tforderstatusemailresendfunction, tfvisitordetailseditfunction, tfcheckinoutdetailseditfunction, tforderstatuseditfunction, tforderbulkactioneditfunction,...