CVE-2025-63034

Missing Authorization vulnerability in Steve Truman Page View Count page-views-count allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page View Count: from n/a through = 2.9.0...

WordPress MSN Partner Hub plugin <= 2.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by n0arafatn0 in WordPress Plugin MSN Partner Hub versions = 2.9...

CVE-2024-1169

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to unauthorized media upload due to a missing capability check on the buddyformsuploadhandledroppedmedia function in all versions up to, and...

PT-2024-1238 · WordPress · Post Smtp Mailer

Name of the Vulnerable Software and Affected Versions: POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress versions up to, and including, 2.8.7 Description: The issue is related to a type juggling problem on the connect-app REST...

Naviwebs Navigate CMS Cross-Site Scripting Vulnerability (CNVD-2020-35983)

Navigate CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in the lib/packages/structure/structure.class.php file in Navigate CMS 2.8.7 and earlier versions. The vulnerability stems from a lack of proper validation of client-side data by the WEB...