WordPress plugin TrueBooker 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

PT-2026-25197

Missing Authorization vulnerability in wpradiant Chocolate House chocolate-house allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chocolate House: from n/a through = 1.1.5...

WordPress Plugin Movie Booking: Path traversal vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

WordPress plugin Frontis Blocks: Code-related vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

CVE-2025-62132

Missing Authorization vulnerability in Strategy11 Team Tasty Recipes Lite tasty-recipes-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tasty Recipes Lite: from n/a through = 1.1.5...

CVE-2025-34241

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AjaxDeviceController.ajaxDeviceAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

CVE-2025-61688

Omni manages Kubernetes on bare metal, virtual machines, or in a cloud. Prior to 1.1.5 and 1.0.2, Omni might leak sensitive information via an API...

WordPress Subscribe To Unlock Plugin <= 1.1.5 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Subscribe To Unlock versions = 1.1.5...

WordPress plugin Embed PDF for WPForms 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plugin. WordPress plugin Embed PDF...

WordPress Embed PDF for WPForms plugin <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by theviper17y in WordPress Plugin Embed PDF for WPForms versions = 1.1.5...

WordPress Mitfahrgelegenheit plugin <= 1.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via date Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via date Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Mitfahrgelegenheit versions = 1.1.5...

WordPress plugin GoZen Forms SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

Joomsky JS Jobs 安全漏洞

Joomsky JS Jobs is a Joomla Content Management System CMS based recruitment management plugin from Joomsky. A security vulnerability exists in Joomsky JS Jobs versions 1.1.5 through 1.4.3, which stems from an SQL injection vulnerability that allows an authenticated attacker to execute arbitrary S...

WordPress Button Block plugin <= 1.1.5 - Authenticated (Contributor+) Post Disclosure via Post Duplication vulnerability

Authenticated Contributor+ Post Disclosure via Post Duplication vulnerability discovered by Webbernaut in WordPress Plugin Button Block versions = 1.1.5...

PT-2024-36212 · Metup S.R.L. · Clevernode Related Content

Name of the Vulnerable Software and Affected Versions: CleverNode Related Content versions 1.1.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS attacks. The vulnerabili...

PT-2024-34999 · Unknown · Gutenium Blocks

Name of the Vulnerable Software and Affected Versions: Gutenium Blocks versions 1.1.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject...

Wordpress Amelia plugin <= 1.1.5 (Free) <= 7.5.1 (Pro) - Authenticated Stored Cross-Site Scripting vulnerability

Authenticated Stored Cross-Site Scripting vulnerability discovered by Vinay Kumar in WordPress Plugin Amelia versions = 1.1.5...

PT-2024-24783 · Helloasso · Helloasso

Name of the Vulnerable Software and Affected Versions: HelloAsso versions 1.1.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicio...

PT-2023-29382 · Unknown · Recorp Ai Content Writing Assistant

Name of the Vulnerable Software and Affected Versions: ReCorp AI Content Writing Assistant Content Writer, GPT 3 & 4, ChatGPT, Image Generator All in One plugin versions = 1.1.5 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could...

PT-2023-21285

Name of the Vulnerable Software and Affected Versions Ego Studio SuperClean versions 1.1.5 through 1.1.9 Description An issue in Ego Studio SuperClean allows an attacker to gain privileges via the update info field of the default .xml file. Recommendations For versions 1.1.5 through 1.1.9, consid...