CVE-2023-50828

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in David Vongries Ultimate Dashboard – Custom WordPress Dashboard allows Stored XSS.This issue affects Ultimate Dashboard – Custom WordPress Dashboard: from n/a through 3.7.11...

CVE-2026-22488 WordPress Dashboard Welcome for Beaver Builder plugin <= 1.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in IdeaBox Creations Dashboard Welcome for Beaver Builder dashboard-welcome-for-beaver-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dashboard Welcome for Beaver Builder: from n/a through = 1.0.8...

CVE-2025-62087

Missing Authorization vulnerability in Web Builder 143 Sticky Notes for WP Dashboard wb-sticky-notes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sticky Notes for WP Dashboard: from n/a through = 1.2.4...

CVE-2025-62087

Missing Authorization vulnerability in Web Builder 143 Sticky Notes for WP Dashboard wb-sticky-notes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sticky Notes for WP Dashboard: from n/a through = 1.2.4...

EUVD-2025-206007

Missing Authorization vulnerability in Web Builder 143 Sticky Notes for WP Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sticky Notes for WP Dashboard: from n/a through 1.2.4...

CVE-2025-62087 WordPress Sticky Notes for WP Dashboard plugin <= 1.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Web Builder 143 Sticky Notes for WP Dashboard wb-sticky-notes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sticky Notes for WP Dashboard: from n/a through = 1.2.4...

PT-2025-54376

Missing Authorization vulnerability in Web Builder 143 Sticky Notes for WP Dashboard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sticky Notes for WP Dashboard: from n/a through 1.2.4...

CVE-2025-10660

CVE-2025-10660 details (CWE: SQL Injection). The WP Dashboard Chat plugin for WordPress is vulnerable via the id parameter in all versions up to 1.0.3 due to insufficient escaping of user input and inadequate preparation of the existing SQL query. This enables authentication-conscious actors with...

CVE-2025-10660 WP Dashboard Chat <= 1.0.3 - Authenticated (Contributor+) SQL Injection via id

The WP Dashboard Chat plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2025-10660 WP Dashboard Chat <= 1.0.3 - Authenticated (Contributor+) SQL Injection via id

The WP Dashboard Chat plugin for WordPress is vulnerable to SQL Injection via the ‘id’ parameter in all versions up to, and including, 1.0.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

EUVD-2023-55561

Malicious code in bioql PyPI...

CVE-2025-53293 WordPress Dashboard Widget Sidebar plugin <= 1.2.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Morten Dalgaard Johansen Dashboard Widget Sidebar dashboard-widget-sidebar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dashboard Widget Sidebar: from n/a through = 1.2.3...

WordPress plugin WP Dashboard Notes 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2025-23906

Missing Authorization vulnerability in wpseek WordPress Dashboard Tweeter allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Dashboard Tweeter: from n/a through 1.3.2...

CVE-2025-23906 WordPress WordPress Dashboard Tweeter plugin <= 1.3.2 - Settings Change vulnerability

Missing Authorization vulnerability in wpseek WordPress Dashboard Tweeter allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WordPress Dashboard Tweeter: from n/a through 1.3.2...

CVE-2025-39441 WordPress Dashboard Notepads plugin <= 1.2.1 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in swedish boy Dashboard Notepads allows Stored XSS. This issue affects Dashboard Notepads: from n/a through 1.2.1...

WordPress plugin WordPress Dashboard Tweeter 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-15958 · WordPress · Dashboard Widgets Suite

Name of the Vulnerable Software and Affected Versions: Dashboard Widgets Suite plugin for WordPress versions up to, and including, 3.4.3 Description: The issue is related to Reflected Cross-Site Scripting via the tab parameter due to insufficient input sanitization and output escaping. This allow...

WordPress Dashboard Widgets Suite Plugin <= 3.4.3 is vulnerable to Cross Site Scripting (XSS)

Software Dashboard Widgets Suite Type Plugin Vulnerable versions = 3.4.3 Fixed in 3.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0979 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ec515656a329 Credits Krzysztof...

WordPress Dashboard To-Do List Plugin <= 1.2.0 is vulnerable to Broken Access Control

Software Dashboard To-Do List Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.3.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35723 Patch priority Low CVSS severity Low 4.3 Developer Andrew Rapps PSID e4b3c03fafe1 Credits CatFather Required privileg...