CVE-2024-6690

The wccp-pro WordPress plugin before 15.3 contains an open-redirect flaw via the referrer parameter, allowing redirection of users to external sites...

CVE-2024-6693

The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-6693

The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-6693

The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-6690

The wccp-pro WordPress plugin before 15.3 contains an open-redirect flaw via the referrer parameter, allowing redirection of users to external sites...

PT-2025-21488

Name of the Vulnerable Software and Affected Versions: wccp-pro WordPress plugin versions prior to 15.3 Description: The issue concerns an open-redirect flaw via the referrer parameter, allowing the redirection of users to external sites. Recommendations: For versions prior to 15.3, update to...

PT-2025-21489 · WordPress · Wccp-Pro

Name of the Vulnerable Software and Affected Versions: wccp-pro WordPress plugin versions prior to 15.3 Description: The issue concerns the wccp-pro WordPress plugin, which does not properly sanitise and escape some of its settings. This could allow high-privilege users, such as administrators, t...