CVE-2026-1804

The WDES Responsive Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wdes-popup-title' shortcode in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2026-1804

The WDES Responsive Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wdes-popup-title' shortcode in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2026-1804 WDES Responsive Popup <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'attr' Shortcode Attribute

The WDES Responsive Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wdes-popup-title' shortcode in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2026-1804 WDES Responsive Popup <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'attr' Shortcode Attribute

The WDES Responsive Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wdes-popup-title' shortcode in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress plugin WDES Responsive Popup 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-7499

The WDES Responsive Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wdes-popup-title' shortcode in all versions up to, and including, 1.3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress WDES Responsive Popup plugin <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'attr' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'attr' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WDES Responsive Popup versions = 1.3.6...

EUVD-2024-45901

Malicious code in bioql PyPI...

CVE-2024-52414

Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu wdes-responsive-mobile-menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through = 5.3.18...

CVE-2024-52414

Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu wdes-responsive-mobile-menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through = 5.3.18...

CVE-2024-52414 WordPress WDES Responsive Mobile Menu plugin <= 5.3.18 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu wdes-responsive-mobile-menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through = 5.3.18...

CVE-2024-52414 WordPress WDES Responsive Mobile Menu plugin <= 5.3.18 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Anthony Carbon WDES Responsive Mobile Menu allows Object Injection.This issue affects WDES Responsive Mobile Menu: from n/a through 5.3.18...

CVE-2024-52414

CVE-2024-52414 affects the WordPress plugin WDES Responsive Mobile Menu (versions up to 5.3.18). The issue is a Deserialization of Untrusted Data leading to PHP Object Injection. Impact is rated critical with high confidentiality, integrity, and availability implications. Remedy: upgrade to versi...

WordPress plugin WDES Responsive Mobile Menu 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

WordPress WDES Responsive Mobile Menu plugin <= 5.3.18 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin WDES Responsive Mobile Menu versions = 5.3.18...

WordPress WDES Responsive Mobile Menu Plugin <= 5.3.18 is vulnerable to PHP Object Injection

Software WDES Responsive Mobile Menu Type Plugin Vulnerable versions = 5.3.18 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52414 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 3807cf50f771 Credits Mika Required privilege...