12 matches found
EUVD-2026-36814
Unauthenticated Broken Authentication in CloudSecure WP Security = 1.4.7 versions...
CVE-2026-8438 All-In-One Security (AIOS) <= 5.4.7 - Unauthenticated Stored Cross-Site Scripting via REST API Request Path
The All-In-One Security AIOS – Security and Firewall plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.4.7. This is due to insufficient input sanitization in the getrestroute function and missing output escaping in the columndefault method of the...
PT-2025-30640 · WordPress · The Security Ninja – Wordpress Security Plugin & Firewall
Name of the Vulnerable Software and Affected Versions: The Security Ninja – WordPress Security Plugin & Firewall versions prior to 5.243 Description: The Security Ninja – WordPress Security Plugin & Firewall plugin for WordPress is susceptible to an arbitrary file read issue. This allows...
CVE-2024-49222 WordPress WPGuppy plugin <= 1.1.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Amento Tech Pvt ltd WPGuppy allows Object Injection.This issue affects WPGuppy: from n/a through 1.1.0...
WordPress Security & Malware scan by CleanTalk Plugin <= 2.145 is vulnerable to SQL Injection
Software Security & Malware scan by CleanTalk Type Plugin Vulnerable versions = 2.145 Fixed in 2.145.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-10570 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID ceade72368ed Credits mikemyers Required...
WordPress Plugin SecuPress Free — WordPress Security 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin SecuPress Free - A securit...
WordPress WP Cerber Security Plugin <= 9.1 is vulnerable to Cross Site Scripting (XSS)
Software WP Cerber Security Type Plugin Vulnerable versions = 9.1 Fixed in 9.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4712 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 381a6dfeb33d Credits Ramuel Gall Required...
WordPress plugin WordPress Security 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress WordPress Security plugin versions prior to 4.2.1 have a cross-site scripting vulnerability that...
WordPress plugin cross-site scripting vulnerability (CNVD-2021-36529)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in the...
WordPress Plugin All In One WP Security & Firewall admin/wp-security-list-acct-activity.php SQL Injection Vulnerability
WordPress is a set of blogging platform developed in PHP language by WordPress Software Foundation, which supports setting up personal blog sites on servers with PHP and MySQL.All In One WP Security & Firewall Plugin for WordPress is a Wordpress Security Plugin. The All In One WP Security &...
All In One WP Security & Firewall vulnerable to cross-site request forgery
Overview All In One WP Security & Firewall is WordPress plugin that provides security functionality. All In One WP Security & Firewall contains a cross-site request forgery vulnerability CWE-352. Impact If a user views a malicious page while logged in, access logs 404 events maintained by the...
Wordpress Zingiri Web Shop Plugin 2.2.0 Remote File Inclusion
Exploit for php platform in category web applications Exploit Title: Zingiri Web Shop Wordpress plugin RFI Google Dork: inurl:wp-content/plugins/zingiri-web-shop Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing Software Link:...