10 matches found
CVE-2025-12186
The Weekly Planner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions an...
CVE-2025-12186
The Weekly Planner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions an...
CVE-2025-12186 Weekly Planner <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting
The Weekly Planner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions an...
EUVD-2025-201361
The Weekly Planner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions an...
CVE-2025-12186 Weekly Planner <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting
The Weekly Planner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions an...
CVE-2025-12186
CVE-2025-12186 (Weekly Planner WordPress plugin) is a stored XSS vulnerability affecting Weekly Planner versions up to 1.0. The flaw arises from insufficient input sanitization and output escaping in admin/settings, enabling authenticated attackers with administrator-level privileges (including m...
WordPress plugin Weekly Planner 跨站脚本漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...
PT-2025-49224
The Weekly Planner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions an...
WordPress Weekly Planner plugin <= 1.0 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Ivan Cese in WordPress Plugin Weekly Planner versions = 1.0...
Weekly Planner - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Weekly Planner published at the 'play' market has multiple vulnerabilities...