CVE-2024-6690

The wccp-pro WordPress plugin before 15.3 contains an open-redirect flaw via the referrer parameter, allowing redirection of users to external sites...

CVE-2024-6693

The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-6693

The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-6693

The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-6690

The wccp-pro WordPress plugin before 15.3 contains an open-redirect flaw via the referrer parameter, allowing redirection of users to external sites...

CVE-2024-6690

The wccp-pro WordPress plugin before 15.3 contains an open-redirect flaw via the referrer parameter, allowing redirection of users to external sites...

CVE-2024-6693

CVE-2024-6693 affects the wccp-pro WordPress plugin. Versions prior to 15.3 do not sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e.g., multisite). The impact is Stored XSS within admin-facing content/configs; ...

WordPress plugin wccp-pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

PT-2025-21489 · WordPress · Wccp-Pro

Name of the Vulnerable Software and Affected Versions: wccp-pro WordPress plugin versions prior to 15.3 Description: The issue concerns the wccp-pro WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high-privilege users, such as administrators, t...

PT-2025-21488

Name of the Vulnerable Software and Affected Versions: wccp-pro WordPress plugin versions prior to 15.3 Description: The issue concerns an open-redirect flaw via the referrer parameter, allowing the redirection of users to external sites. Recommendations: For versions prior to 15.3, update to...

WordPress plugin wccp-pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...