CVE-2026-32458

The CVE details an SQL Injection vulnerability in the WordPress WOLF plugin (RealMag777 WOLF bulk-editor) affecting versions up to 1.0.8.7. The issue is described as an improper neutralization of special elements used in an SQL command, enabling Blind SQL Injection. No exploit specifics or affect...

CVE-2025-24605 WordPress WOLF plugin <= 1.0.8.5 - Path Traversal vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in RealMag777 WOLF bulk-editor allows Path Traversal.This issue affects WOLF: from n/a through = 1.0.8.5...

WordPress WOLF Plugin <= 1.0.8.3 is vulnerable to Path Traversal

Software WOLF Type Plugin Vulnerable versions = 1.0.8.3 Fixed in 1.0.8.4 OWASP Top 10 A1: Broken Access Control Classification Path Traversal CVE CVE-2024-52396 Patch priority Medium CVSS severity Medium 4.9 Developer Claim ownership PSID 1a1949b4101b Credits Trương Hữu Phúc truonghuuphuc Require...

WordPress WOLF Plugin <=1.0.8.2 is vulnerable to Cross Site Scripting (XSS)

Software WOLF Type Plugin Vulnerable versions =1.0.8.2 Fixed in 1.0.8.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34558 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 75bcc909e11e Credits Elmini Required privilege Administrator...

WordPress WOLF Plugin <= 1.0.8.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software WOLF Type Plugin Vulnerable versions = 1.0.8.1 Fixed in 1.0.8.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31430 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID de601e918847 Credits Dhabaleshwar Das Required...

WordPress WOLF Plugin <= 1.0.8.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software WOLF Type Plugin Vulnerable versions = 1.0.8.1 Fixed in 1.0.8.2 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-0790 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID f8d9bc304588 Credits Francesco Carlucci Required...

CVE-2023-46152 WordPress WOLF Plugin <= 1.0.7.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin = 1.0.7.1 versions...

WordPress WOLF Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)

Software WOLF Type Plugin Vulnerable versions = 1.0.6 Fixed in 1.0.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-31218 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 34d06a9a9f59 Credits Junsu Yeo Required privilege...