WordPress Mobile App Canvas Plugin <= 3.8.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata in WordPress Plugin Mobile App Canvas versions = 3.8.2...

CVE-2025-31816 WordPress Mobile App Canvas Plugin <= 3.8.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in pietro Mobile App Canvas allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Mobile App Canvas: from n/a through 3.8.1...

CVE-2025-31816 WordPress Mobile App Canvas Plugin <= 3.8.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in pietro Mobile App Canvas mobile-app allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mobile App Canvas: from n/a through = 3.8.2...

WordPress Mobile App Editor – WordPress to Android App Builder Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Mobile App Editor – WordPress to Android App Builder Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2273721d5def Credits...

WordPress iOS App Bug Leaked Secret Access Tokens to Third-Party Sites

If you have a "private" blog with WordPress.com and are using its official iOS app to create or edit posts and pages, the secret authentication token for your admin account might have accidentally been leaked to third-party websites. WordPress has recently patched a severe vulnerability in its iO...