10 matches found
CVE-2023-31218
CVE-2023-31218 affects realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin (1.0.6 (1.0.7+). If you use this plugin, upgrade to 1.0.7 or later to mitigate risk. Technical details provided in connected entries confirm affected software and root cause; no additional exploit...
CVE-2024-0790
CVE-2024-0790 (WOLF – WordPress Posts Bulk Editor and Manager Professional) is a CSRF vulnerability in the WordPress plugin, affecting versions up to 1.0.8.1. The issue stems from missing or incorrect nonce validation on functions wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_te...
CVE-2024-0791
CVE-2024-0791 (WOLF – WordPress Posts Bulk Editor and Manager Professional) is a vulnerability in the WOLF plugin for WordPress (v1.0.8.1 and earlier) caused by a missing capability check in wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term. This allows authenticated users with...
CVE-2023-46152
CVE-2023-46152 concerns the WOLF plugin (WordPress Posts Bulk Editor and Manager Professional) for WordPress. The vulnerability is a Cross-Site Request Forgery (CSRF) in realmag777 WOLF versions
CVE-2024-22159
CVE-2024-22159 affects WOLF – WordPress Posts Bulk Editor and Manager Professional (versions up to 1.0.8). The vulnerability is improper neutralization of input during web page generation, leading to a Reflected XSS. Impact is a client-side script injection through input that is not properly sani...
CVE-2023-44990
CVE-2023-44990 affects the WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress, specifically versions
CVE-2024-31430
CSRF vulnerability (CVE-2024-31430) exists in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional and BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net . Affected range per Red Hat entry: WOLF up to 1.0.8.1 and BEAR up to 1.1.4.1. This issue i...
CVE-2025-24605
CVE-2025-24605 is a path-traversal vulnerability in WordPress WOLF plugin (versions up to and including 1.0.8.5) caused by improper limitation of a pathname to a restricted directory. Multiple sources (NVD, Red Hat, CVE List, CNNVD, PatchStack, CIRCL) confirm the issue; affected component is the ...
CVE-2024-52396
CVE-2024-52396 describes a path traversal in the WordPress plugin WOLF (WOLF – WordPress Posts Bulk Editor and Manager Professional) affecting versions up to 1.0.8.3. The root cause is an improper limitation of a pathname to a restricted directory, enabling traversal to restricted paths when proc...
CVE-2024-34558
CVE-2024-34558 affects the WOLF – WordPress Posts Bulk Editor and Manager Professional plugin. Red Hat lists it as an improper neutralization of input during web page generation, enabling stored XSS. Affected range: WOLF from n/a through 1.0.8.2. The impact is stored XSS with potential for creden...