4 matches found
EUVD-2025-197958
The Restrictions for BuddyPress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handleoptinoptout function in all versions up to, and including, 1.5.2. This makes it possible for unauthenticated attackers to opt in and out of tracki...
CVE-2025-58863 WordPress Zoomify embed for WP Plugin <= 1.5.2 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in SdeWijs Zoomify embed for WP zoom-image-shortcode allows Stored XSS.This issue affects Zoomify embed for WP: from n/a through = 1.5.2...
WordPress CM On Demand Search And Replace Plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Bao BlueRock in WordPress Plugin CM On Demand Search And Replace versions = 1.5.2...
WordPress Pricing Table builder plugin <= 1.5.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Skalucy in WordPress Plugin Pricing Table builder versions = 1.5.3...