Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF β WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions.
7.1CVSS
6.1AI Score
0.0005EPSS
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF β WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7.1 versions.
5.9CVSS
4.9AI Score
0.0005EPSS
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF β WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7.1 versions.
8.8CVSS
8.8AI Score
0.001EPSS
The WOLF β WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8.1. This is due to missing or incorrect nonce validation on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax...
5.4CVSS
5.2AI Score
0.001EPSS
The WOLF β WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions in all versions up to, and ...
4.3CVSS
5.2AI Score
0.001EPSS
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF β WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF β WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.
7.1CVSS
6.5AI Score
0.0005EPSS