54 matches found
CVE-2026-57786
Cross-Site Request Forgery CSRF vulnerability in purethemes WorkScout-Core workscout-core allows Authentication Bypass.This issue affects WorkScout-Core: from n/a through = 1.7.08...
CVE-2026-57786
CVE-2026-57786 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin WorkScout-Core (purethemes WorkScout-Core) that allows authentication bypass. Affected versions are WorkScout-Core up to and including 1.7.08. The connected sources (NVD and CVE records) confirm the...
CVE-2026-57786 WordPress WorkScout-Core plugin <= 1.7.08 - Cross Site Request Forgery (CSRF) to Broken Authentication vulnerability
Cross-Site Request Forgery CSRF vulnerability in purethemes WorkScout-Core workscout-core allows Authentication Bypass.This issue affects WorkScout-Core: from n/a through = 1.7.08...
WordPress WorkScout-Core plugin <= 1.7.08 - Cross Site Request Forgery (CSRF) to Broken Authentication vulnerability
Cross Site Request Forgery CSRF to Broken Authentication vulnerability discovered by Phat RiO in WordPress Plugin WorkScout-Core versions = 1.7.08...
CVE-2026-52716
Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...
EUVD-2026-37700
Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...
CVE-2026-52716 WordPress WorkScout-Core plugin <= 1.7.11 - Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Deletion in WorkScout-Core = 1.7.11 versions...
CVE-2025-67959
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...
CVE-2025-67960
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through = 1.7.06...
CVE-2025-67960
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through = 1.7.06...
CVE-2025-67959
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...
CVE-2025-67959 WordPress WorkScout theme <= 4.1.07 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...
CVE-2025-67960 WordPress WorkScout-Core plugin <= 1.7.06 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through = 1.7.06...
CVE-2025-67959
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...
CVE-2025-67960
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through = 1.7.06...
CVE-2025-67960
CVE-2025-67960 describes a Reflected XSS in the WordPress plugin WorkScout-Core (purethemes WorkScout-Core) affecting versions up to 1.7.06. The issue is caused by improper neutralization of input during web page generation (cross-site scripting). The connected Wordfence details confirm this CVE ...
CVE-2025-67959
CVE-2025-67959 is a Reflected XSS in the WordPress WorkScout theme (versions up to 4.1.07). The vulnerability stems from improper input handling during web page generation. CVSS: 3.1 base 7.1 (HIGH), network access, no privileges, user interaction required; exploitation context is reflected XSS. ...
CVE-2025-67959 WordPress WorkScout theme <= 4.1.07 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout workscout allows Reflected XSS.This issue affects WorkScout: from n/a through = 4.1.07...
CVE-2025-67960 WordPress WorkScout-Core plugin <= 1.7.06 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in purethemes WorkScout-Core workscout-core allows Reflected XSS.This issue affects WorkScout-Core: from n/a through = 1.7.06...
WordPress plugin WorkScout-Core has cross-site scripting vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...