4 matches found
CVE-2026-2902
The WP Meteor Website Speed Optimization Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'frontendrewrite' function's 'WPMETEORNWPMETEOR' placeholder content in all versions up to, and including, 3.4.16 due to insufficient input sanitization and output escaping. Th...
EUVD-2026-26209
The WP Meteor Website Speed Optimization Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'frontendrewrite' function's 'WPMETEORNWPMETEOR' placeholder content in all versions up to, and including, 3.4.16 due to insufficient input sanitization and output escaping. Th...
WordPress Meteor Slides plugin <= 1.5.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Meteor Slides versions = 1.5.7...
WordPress WP Meteor Website Speed Optimization Addon plugin <= 3.4.3 - Unauthenticated Full Path Disclosure vulnerability
Unauthenticated Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin WP Meteor Page Speed Optimization Topping versions = 3.4.3...