9 matches found
WordPress plugin FlashMart 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
SUSE CVE-2025-34430
1Panel versions 1.10.33 through 2.0.15 contain a cross-site request forgery CSRF vulnerability in the panel name management functionality. The affected endpoint does not implement CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that...
EUVD-2025-202556
1Panel contains a cross-site request forgery CSRF vulnerability in the panel name management functionality...
GHSA-5XPQ-2VMC-5CQP 1Panel contains a cross-site request forgery (CSRF) vulnerability in the panel name management functionality
1Panel versions 1.10.33 through 2.0.15 contain a cross-site request forgery CSRF vulnerability in the panel name management functionality. The affected endpoint does not implement CSRF defenses such as anti-CSRF tokens or Origin/Referer validation. An attacker can craft a malicious webpage that...
CVE-2025-53993 WordPress JetPopup plugin <= 2.0.15 - Sensitive Data Exposure vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in Crocoblock JetPopup jet-popup allows Retrieve Embedded Sensitive Data.This issue affects JetPopup: from n/a through = 2.0.15...
CVE-2025-53994
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetPopup jet-popup allows DOM-Based XSS.This issue affects JetPopup: from n/a through = 2.0.15...
PT-2025-2208 · Social · Socialv
Name of the Vulnerable Software and Affected Versions: SocialV - Social Network and Community BuddyPress Theme versions up to, and including, 2.0.15 Description: The issue is related to unauthorized access of data due to a missing capability check on the socialv send download file function. This...
PT-2024-12568 · Unknown · Wpthemego Sw Product Bundles
Name of the Vulnerable Software and Affected Versions: wpthemego SW Product Bundles versions 2.0.15 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions...
WordPress plugin Cozy Blocks 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...