33 matches found
WordPress Team Members – Multi Language Supported Team Plugin plugin <= 8.7 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by AveronSec - Averon Security in WordPress Plugin Team Member versions = 8.7...
CVE-2025-62745 WordPress Team Showcase plugin <= 1.22.28 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Team Showcase allows Stored XSS. This issue affects Team Showcase: from n/a through 1.22.28...
WordPress Team Showcase plugin <= 1.22.28 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Team Showcase versions = 1.22.28...
WordPress Team Members – A WordPress Team Plugin with Gallery, Grid, Carousel, Slider, Table, List, and More plugin <= 2.5.8 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin WordPress Team Members – GS Plugins versions = 2.5.8...
WordPress Team plugin <= 5.0.11 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Doan Dinh Van in WordPress Plugin Team versions = 5.0.11...
Exploit for CVE-2025-14124
CVE-2025-14124 WordPress Team Plugin - Unauthenticated SQL...
EUVD-2024-37555
Malicious code in bioql PyPI...
EUVD-2022-33744
Malicious code in bioql PyPI...
CVE-2025-58222 WordPress Team Manager plugin <= 2.5.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Maidul Team Manager wp-team-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team Manager: from n/a through = 2.5.1...
CVE-2025-32308 WordPress Team Builder <= 1.5.7 - Broken Access Control Vulnerability
Missing Authorization vulnerability in looksawesome Team Builder allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Team Builder: from n/a through 1.5.7...
CVE-2025-32308 WordPress Team Builder plugin <= 1.5.7 - Broken Access Control Vulnerability
Missing Authorization vulnerability in looksawesome Team Builder a-team-showcase allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Team Builder: from n/a through = 1.5.7...
CVE-2025-32308
CVE-2025-32308 concerns Team Builder — Meet The Team WordPress Plugin. The issue is described as a Missing Authorization vulnerability caused by incorrectly configured access control security levels, enabling bypass of authorization checks. The vulnerability affects versions from n/a up to 1.5.7 ...
CVE-2025-49248 WordPress Team Showcase < 25.05.13 - Broken Access Control Vulnerability
Missing Authorization vulnerability in cmoreira Team Showcase allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Team Showcase: from n/a through n/a...
CVE-2024-38704
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in DynamicWebLab WordPress Team Manager allows PHP Local File Inclusion.This issue affects WordPress Team Manager: from n/a through 2.1.12...
CVE-2025-32686 WordPress Team Members plugin <= 3.4.4 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in WPSpeedo Team Members wps-team allows Object Injection.This issue affects Team Members: from n/a through = 3.4.4...
CVE-2025-32686 WordPress Team Members plugin <= 3.4.4 - PHP Object Injection Vulnerability
Deserialization of Untrusted Data vulnerability in WPSpeedo Team Members wps-team allows Object Injection.This issue affects Team Members: from n/a through = 3.4.4...
CVE-2025-31905 WordPress Team Rosters Plugin <= 4.7 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NotFound Team Rosters allows Reflected XSS. This issue affects Team Rosters: from n/a through 4.7...
WordPress Team Member Plugin <= 7.3 is vulnerable to Local File Inclusion
Software Team Member Type Plugin Vulnerable versions = 7.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-52385 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f127efd80d70 Credits João Pedro S Alcântara Kinorth Require...
WordPress Team Showcase and Slider – Team Members Builder Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)
Software Team Showcase and Slider – Team Members Builder Type Plugin Vulnerable versions = 1.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51763 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 901482778662 Credits Mika...
CVE-2024-10223 HT Team Member <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via htteamember Shortcode
The WP Team – WordPress Team Member Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's htteamember shortcode in all versions up to, and including, 1.1.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...