6 matches found
CVE-2026-8760 Login with OTP <= 1.6 - Unauthenticated Authentication Bypass via OTP Brute Force
The Login with OTP plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.6. This is due to an incomplete fix for CVE-2024-11178: the rate-limit/lockout check added to otplloginaction was placed only inside the OTP-generation branch and is never...
WordPress plugin WP FullCalendar 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
EUVD-2025-34537
The Zip Attachments plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check as well as missing post status validation in the zacreatezipcallback function in all versions up to, and including, 1.6. This makes it possible for unauthenticated attackers to...
CVE-2025-61590
Cursor (editor) versions ≤1.6 are vulnerable to remote code execution via Visual Studio Code Workspaces. The attack involves hijacking the user’s chat context to prompt-inject and modify .code-workspace/settings, enabling RCE by writing to the workspace settings. The issue is fixed in version 1.7...
CVE-2025-58667 WordPress ListingPro Reviews plugin < 2.9.11 - Broken Access Control vulnerability
Missing Authorization vulnerability in CridioStudio ListingPro Reviews listingpro-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ListingPro Reviews: from n/a through 2.9.11...
WordPress Romea - Personal Portfolio WordPress theme theme <= 1.6 - Local File Inclusion vulnerability
WordPress Romea - Personal Portfolio WordPress theme theme = 1.6 - Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Romea - Personal Portfolio WordPress Theme versions = 1.6...