CVE-2025-30568

Cross-Site Request Forgery CSRF vulnerability in hitoy Super Static Cache super-static-cache allows Cross Site Request Forgery.This issue affects Super Static Cache: from n/a through = 3.3.5...

CVE-2025-30552

Cross-Site Request Forgery CSRF vulnerability in Donald Gilbert WordPress Admin Bar Improved wordpress-admin-bar-improved allows Stored XSS.This issue affects WordPress Admin Bar Improved: from n/a through = 3.3.5...

CVE-2025-30568 WordPress Super Static Cache plugin <= 3.3.5 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in hitoy Super Static Cache super-static-cache allows Cross Site Request Forgery.This issue affects Super Static Cache: from n/a through = 3.3.5...

CVE-2025-30568

CVE-2025-30568 is a CSRF vulnerability in the WordPress plugin Super Static Cache, affecting versions from n/a through 3.3.5. The connected Wordfence entry confirms the CVE ID, affected product, and nature of the issue, but no exploit details or remediation are provided in the supplied documents.

CVE-2025-30552 WordPress WordPress Admin Bar Improved plugin <= 3.3.5 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Donald Gilbert WordPress Admin Bar Improved wordpress-admin-bar-improved allows Stored XSS.This issue affects WordPress Admin Bar Improved: from n/a through = 3.3.5...

CVE-2025-30552

CVE-2025-30552: A Cross-Site Request Forgery (CSRF) leading to Stored XSS in WordPress Admin Bar Improved. Affected: WordPress Admin Bar Improved versions up to 3.3.5 (range includes n/a through 3.3.5). Nature: CSRF vulnerability that can result in stored XSS. Severity: CVSS v3.1 base score 7.1 (...

WordPress Super Static Cache plugin <= 3.3.5 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Super Static Cache versions = 3.3.5...

WordPress WordPress Admin Bar Improved plugin <= 3.3.5 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by johska in WordPress Plugin WordPress Admin Bar Improved versions = 3.3.5...

WordPress plugin WordPress Admin Bar Improved 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin WordPress Admin B...

WordPress plugin Floating Chat Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress Chaty plugin <= 3.3.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Chaty versions = 3.3.5...

CVE-2024-6432

The Content Blocks Custom Post Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter within the plugin's shortcode Content Block in all versions up to, and including, 3.3.5 due to insufficient input sanitization and output escaping. This makes it...

CVE-2024-44051

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Johan van der Wijk Content Blocks Custom Post Widget allows Stored XSS.This issue affects Content Blocks Custom Post Widget: from n/a through 3.3.5...

WordPress plugin Content Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress Gutentor plugin <= 3.3.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Gutentor versions = 3.3.5...

CVE-2024-37212

Cross-Site Request Forgery CSRF vulnerability in Ali2Woo Ali2Woo Lite.This issue affects Ali2Woo Lite: from n/a through 3.3.5...

WordPress plugin Ali2Woo Lite Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery...

WordPress AliExpress Dropshipping with AliNext Lite plugin <= 3.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin AliNext versions = 3.3.5...

WordPress Ali2Woo Lite Plugin <= 3.3.5 is vulnerable to Broken Access Control

Software Ali2Woo Lite Type Plugin Vulnerable versions = 3.3.5 Fixed in 3.3.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-37210 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 02abd7b980c0 Credits Majed Refaea Required...

CVE-2024-4450

The AliExpress Dropshipping with AliNext Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several functions in the ImportAjaxController.php file in all versions up to, and including, 3.3.5. This makes it possible for authenticated attackers, with...