CVE-2026-24543

Missing Authorization vulnerability in Horea Radu Materialis Companion materialis-companion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Materialis Companion: from n/a through = 1.3.52...

CVE-2026-24543 WordPress Materialis Companion plugin <= 1.3.52 - Broken Access Control vulnerability

Missing Authorization vulnerability in Horea Radu Materialis Companion materialis-companion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Materialis Companion: from n/a through = 1.3.52...

CVE-2026-24543 WordPress Materialis Companion plugin <= 1.3.52 - Broken Access Control vulnerability

Missing Authorization vulnerability in Horea Radu Materialis Companion materialis-companion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Materialis Companion: from n/a through = 1.3.52...

CVE-2026-24543

CVE-2026-24543 describes a Missing Authorization (Broken Access Control) vulnerability in the Materialis Companion plugin for WordPress (materialis-companion). Affected versions: up to 1.3.52. Root cause: incorrectly configured access control security levels. Impact per available data: privilege ...

WordPress plugin Materialis Companion has security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

PT-2026-4390

Name of the Vulnerable Software and Affected Versions Materialis Companion versions through 1.3.52 Description A missing authorization issue exists in Materialis Companion, allowing exploitation due to incorrectly configured access control security levels. Recommendations Update Materialis...

CVE-2024-13758

The CP Contact Form with PayPal plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.52. This is due to missing or incorrect nonce validation on the cpcontactformpaypalcheckinitactions function. This makes it possible for unauthenticated...

WordPress CP Contact Form with PayPal plugin <= 1.3.52 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Krzysztof Zając in WordPress Plugin CP Contact Form with Paypal versions = 1.3.52...

WordPress plugin CP Contact Form with PayPal 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

WordPress Contact Form to Email Plugin <= 1.3.52 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Roby Firnando Yusuf in WordPress Plugin Contact Form Email versions = 1.3.52...

WordPress plugin Contact Form Email 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

CVE-2024-6869

The Falang multilanguage for WordPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including, 1.3.52. This makes it possible for authenticated attackers, with Subscriber-level access and...

WordPress Falang multilanguage for WordPress plugin <= 1.3.52 - Missing Authorization to Translation Update and Information Exposure vulnerability

Missing Authorization to Translation Update and Information Exposure vulnerability discovered by Lucio Sá in WordPress Plugin Falang multilanguage versions = 1.3.52...

PT-2024-37916 · WordPress · Falang Multilanguage For Wordpress

Name of the Vulnerable Software and Affected Versions: Falang multilanguage for WordPress plugin versions up to, and including, 1.3.52 Description: The issue allows authenticated attackers with Subscriber-level access and above to update and delete translations and expose the administrator email...