89 matches found
WordPress Shortcodes Ultimate plugin <= 7.4.2 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability
Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Shortcodes Ultimate versions = 7.4.2...
WordPress WP Video Lightbox plugin <= 1.9.11 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library vulnerability
Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via prettyPhoto JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin WP Video Lightbox versions = 1.9.11...
WordPress NextGEN Gallery plugin <= 3.59.11 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library vulnerability
Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin NextGEN Gallery versions = 3.59.11...
WordPress Royal Elementor Addons plugin <= 1.7.1031 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Royal Elementor Addons versions = 1.7.1031...
WordPress Grid KIT Portfolio plugin <= 2.2.1 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Grid KIT Portfolio versions = 2.2.1...
WordPress OnePress theme <= 2.3.15 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Theme OnePress versions = 2.3.15...
WordPress Gallery with thumbnail slider plugin <= 7.8 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Gallery with thumbnail slider versions = 7.8...
WordPress Greenshift plugin <= 12.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Data Attributes vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Chart Data Attributes vulnerability discovered by Webbernaut in WordPress Plugin Greenshift versions = 12.2.7...
EUVD-2025-11585
Malicious code in bioql PyPI...
PT-2025-16976 · Webbernaut · Webbernaut Cloak Front End Email
Name of the Vulnerable Software and Affected Versions: webbernaut Cloak Front End Email versions 1.9.5 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. This can be exploited in th...
WordPress Betheme plugin <= 28.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Theme Betheme versions = 28.0.3...
WordPress Booster for WooCommerce plugin <= 7.2.4 - Unauthenticated Stored Cross-Site Scripting vulnerability
Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Booster for WooCommerce versions = 7.2.4...
WordPress DethemeKit for Elementor plugin <= 2.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin DethemeKit For Elementor versions = 2.1.9...
WordPress All in One WP Migration plugin <= 7.89 - Unauthenticated PHP Object Injection vulnerability
Unauthenticated PHP Object Injection vulnerability discovered by Webbernaut in WordPress Plugin All-in-One WP Migration versions = 7.89...
WordPress Finale Lite plugin <= 2.19.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Countdown Timer vulnerability
Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Countdown Timer vulnerability discovered by Webbernaut in WordPress Plugin Finale Lite versions = 2.19.0...
WordPress Master Addons plugin <= 2.0.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin Master Addons for Elementor versions = 2.0.7.2...
WordPress Chaty plugin <= 3.3.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Chaty versions = 3.3.5...
WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Image Photo Gallery Final Tiles Grid versions = 3.6.0...
WordPress Visualizer plugin <= 3.11.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Import Data From File vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Import Data From File vulnerability discovered by Webbernaut in WordPress Plugin Visualizer versions = 3.11.8...
WordPress Rank Math SEO plugin <= 1.0.235 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rank Math API vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Rank Math API vulnerability discovered by Webbernaut in WordPress Plugin Rank Math SEO versions = 1.0.235...