2 matches found
CVE-2026-2696
The CVE-2026-2696 entry concerns the WordPress plugin Export All URLs (versions before 5.1). Affected component: the plugin’s CSV filename generation uses a predictable pattern based on a random 6‑digit number, and exported CSVs are stored in publicly accessible wp-content/uploads. This enables a...
WordPress WP-Database-Optimizer-Tools Plugin <= 0.2 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Skalucy in WordPress Plugin WP-Database-Optimizer-Tools versions = 0.2...