WordPress Pearl plugin <= 1.3.8 - Cross-Site Request Forgery to Header Deletion vulnerability

Cross-Site Request Forgery to Header Deletion vulnerability discovered by Noah Stead TurtleBurg in WordPress Plugin Pearl versions = 1.3.8...

WordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Mika in WordPress Plugin Pearl versions = 1.3.9...

CVE-2025-31881

Technical details for CVE-2025-31881 are not provided in the supplied documents. No specific vendor, product version, affected component, exploit info, or remediation is present. Monitor official advisories and the CVE entry for future updates.

CVE-2025-31881 WordPress Pearl plugin <= 1.3.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Stylemix Pearl pearl-header-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pearl: from n/a through = 1.3.9...

CVE-2025-31880 WordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stylemix Pearl pearl-header-builder allows Cross Site Request Forgery.This issue affects Pearl: from n/a through = 1.3.9...

CVE-2025-31880

Technical details for CVE-2025-31880 are not publicly provided in the connected documents. The initial description notes a CSRF issue in Pearl header-builder (WordPress plugin) up to version 1.3.9, but no concrete exploit, affected versions, or remediation details are included here. Monitor for u...

CVE-2025-31880 WordPress Pearl plugin <= 1.3.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Stylemix Pearl allows Cross Site Request Forgery. This issue affects Pearl: from n/a through 1.3.9...

CVE-2025-26986 WordPress Pearl Theme < 3.4.8 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Pearl - Corporate Business pearl allows PHP Local File Inclusion.This issue affects Pearl - Corporate Business: from n/a through 3.4.8...

WordPress WordPress Header Builder Plugin – Pearl plugin <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Krzysztof Zając in WordPress Plugin Pearl versions = 1.3.6...

WordPress Pearl Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software Pearl Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4000 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 24b9141edb4a Credits Krzysztof Zając Required privilege...

WordPress Pearl Plugin <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Pearl Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-38356 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 294baad52683 Credits István Márton Required...