2 matches found
CVE-2025-12684
CVE-2025-12684 : The WordPress Plugin URL Shortify is vulnerable in versions before 1.11.3 due to failure to sanitize and escape a parameter before reflecting it on the page, causing a reflected cross-site scripting (XSS). Exploitation could target high-privilege users (e.g., admins). Impact per ...
WordPress plugin Z-Downloads 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A code issue vulnerability...