CVE-2026-2515

The Hostinger Reach – AI-Powered Email Marketing for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'handleajaxaction' function in all versions up to, and including, 1.3.8. This makes it possible for authenticated...

CVE-2025-11172 Check Plagiarism <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The Check Plagiarism plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the chkplagminepluginwpse10500adminaction function in all versions up to, and including, 2.0. This makes it possible for authenticated attackers, with Subscriber-level...

WordPress plugin Reviews Feed 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-18305 · WordPress · Contests By Rewards Fuel

Name of the Vulnerable Software and Affected Versions: Contests by Rewards Fuel plugin for WordPress versions up to, and including, 2.0.64 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping. This allows authenticated attacke...