EUVD-2025-206071

Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress allows Path Traversal.This issue affects Pro Bulk Watermark Plugin for WordPress: from n/a through 2.0...

CVE-2025-28973 WordPress Pro Bulk Watermark Plugin for WordPress <= 2.0 - Path Traversal Vulnerability

Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress pro-watermark allows Path Traversal.This issue affects Pro Bulk Watermark Plugin for WordPress: from n/a through = 2.0...

CVE-2025-28973 WordPress Pro Bulk Watermark Plugin for WordPress <= 2.0 - Path Traversal Vulnerability

Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress pro-watermark allows Path Traversal.This issue affects Pro Bulk Watermark Plugin for WordPress: from n/a through = 2.0...

PT-2025-54444

Name of the Vulnerable Software and Affected Versions AA-Team Pro Bulk Watermark Plugin for WordPress versions through 2.0 Description The AA-Team Pro Bulk Watermark Plugin for WordPress contains a path traversal flaw. The issue is due to insufficient sanitization of user-supplied input,...

WordPress plugin Pro Bulk Watermark Plugin for WordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...

EUVD-2025-26249

Malicious code in bioql PyPI...

CVE-2025-57985 WordPress Ultimate Watermark Plugin <= 1.1 - Broken Access Control Vulnerability

Missing Authorization vulnerability in MantraBrain Ultimate Watermark ultimate-watermark allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Watermark: from n/a through = 1.1...

CVE-2025-4956 WordPress Pro Bulk Watermark Plugin for WordPress Theme <= 2.0 - Path Traversal Vulnerability

Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress allows Path Traversal.This issue affects Pro Bulk Watermark Plugin for WordPress: from n/a through 2.0...

CVE-2025-4956

CVE-2025-4956 affects the WordPress AA-Team/Pro Bulk Watermark Plugin (Pro Bulk Watermark Plugin) up to version 2.0. A path traversal flaw is triggered by the sequence "."/"../" or the extended form ".../...//", allowing traversal to sensitive files. Impact is confidentiality leakage as described...

WordPress Pro Bulk Watermark Plugin for WordPress Theme <= 2.0 is vulnerable to Path Traversal

Software Pro Bulk Watermark Plugin for WordPress Type Theme Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Path Traversal CVE CVE-2025-4956 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID cbe2badf404d Credits ch4r0n...

WordPress Pro Bulk Watermark Plugin for WordPress <= 2.0 - Path Traversal Vulnerability

Path Traversal Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Pro Bulk Watermark Plugin for WordPress versions = 2.0...

WordPress Pro Bulk Watermark Plugin for WordPress Theme <= 2.0 is vulnerable to Path Traversal

Software Pro Bulk Watermark Plugin for WordPress Type Theme Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2025-28973 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID c40f943bba08 Credits Tran Nguyen Bao Khanh VCI -...

CVE-2024-1994

The Image Watermark plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the watermarkactionajax function in all versions up to, and including, 1.7.3. This makes it possible for authenticated attackers, with subscriber-level access and above...

WordPress Marekkis Watermark plugin <= 0.9.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Marekkis Watermark versions = 0.9.4...

WordPress plugin DX-Watermark 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

CVE-2024-1994

CVE-2024-1994 affects the Image Watermark WordPress plugin; due to a missing capability check in watermark_action_ajax(), authenticated users with subscriber level access and higher can apply or remove watermarks in all versions up to 1.7.3. Impact: data modification (watermarking) of images. Aff...

WordPress DX-Watermark Plugin <= 1.0.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software DX-Watermark Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-30560 Patch priority Low CVSS severity Low 9.6 Developer Claim ownership PSID 545443b5c1d7 Credits Dimas Maulana Required...

WordPress Plugin Watermark RELOADED Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

Marekkis Watermark 0.9.2 - wp-admin/options-general.php pfad Parameter XSS

The Marekkis Watermark-Plugin WordPress plugin was affected by a wp-admin/options-general.php pfad Parameter XSS security vulnerability...

Cross site scripting

Cross-site scripting XSS vulnerability in the Marekkis Watermark plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pfad parameter to wp-admin/options-general.php. NOTE: some of these details are obtained from third party information...