“” の検索結果 | ページ 3 | WordPress脆弱性情報 WPセキュリティ

脆弱性情報

重大性 7.5

【plugin】『File Manager for Google Drive – Integrate Google Drive』(versions 1.5.3 以下)　Unauthenticated Sensitive Information Exposureの脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 6.4

【plugin】『Visual Link Preview』(versions 2.2.7 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via visual-link-preview Shortcodeの脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 4.3

【plugin】『FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce』(versions 3.6.4.1 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sendingの脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 6.4

【plugin】『Spectra Gutenberg Blocks – Website Builder for the Block Editor』(versions 2.19.14 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via Custom CSSの脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 4.3

【plugin】『Features』(versions 0 未満)　Missing Authorization to Authenticated (Subscriber+) Option Resetの脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 8.1

【plugin】『Premium Portfolio Features for Phlox theme』(versions 2.3.10 以下)　Unauthenticated Local File Inclusion via args[extra_template_path]の脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 6.4

【plugin】『WPeMatico RSS Feed Fetcher』(versions 2.8.11 以下)　Authenticated (Subscriber+) Server-Side Request Forgery via wpematico_test_feedの脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 6.4

【plugin】『Graphina – Charts and Graphs For Elementor』(versions 3.1.8 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Widgetsの脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 5.6

【plugin】『Everest Forms Pro』(versions 1.9.7 以下)　Unauthenticated PHP Object Injection via PHAR Deserialization in Form Signatureの脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 5.3

【plugin】『FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce』(versions 3.6.4.1 以下)　Unauthenticated Sensitive Information Exposureの脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 9.8

【plugin】『AI Engine』(versions 3.1.3 以下)　Unauthenticated Sensitive Information Exposure to Privilege Escalationの脆弱性

2025.11.05

カテゴリーなし

脆弱性情報

重大性 6.1

【plugin】『Associados Amazon Plugin』(versions 0.8 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.4

【plugin】『Reuse Builder』(versions 1.7 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodeの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.4

【plugin】『clubmember』(versions 0.2 以下)　Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 9.8

【plugin】『Simple User Capabilities』(versions 1.0 以下)　Missing Authorization to Authenticated (Subscriber+) Privilege Escalationの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.4

【plugin】『Bootstrap Multi-language Responsive Portfolio』(versions 1.0 以下)　Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.4

【plugin】『Greenshift – animation and page builder blocks』(versions 12.2.7 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Data Attributesの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.4

【plugin】『WP Carticon』(versions 1.0.0 以下)　Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 7.2

【plugin】『Footnotes Made Easy』(versions 3.0.7 以下)　Unauthenticated Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.1

【plugin】『Visit Counter』(versions 1.0 – 1.0)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.3

【plugin】『WP Global Screen Options』(versions 0.2 以下)　Cross-Site Request Forgery to Screen Options Updateの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 7.5

【plugin】『Elegance Menu』(versions 1.9 以下)　Authenticated (Contributor+) Local File Inclusionの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.4

【plugin】『MeetingList』(versions 0.11 以下)　Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.3

【plugin】『Import Export For WooCommerce』(versions 1.6.2 以下)　Missing Authorization to Authenticated (Subscriber+) Settings Updateの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.4

【plugin】『Nari Accountant』(versions 1.0.12 以下)　Authenticated (Editor+) Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 9.8

【plugin】『CE21 Suite』(versions 2.3.1 以下)　Unauthenticated Sensitive Information Exposure to Privilege Escalationの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.1

【plugin】『Label Plugins』(versions 0.5 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.1

【plugin】『LinkedIn Resume』(versions 2.00 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.1

【plugin】『Centangle-Team』(versions 1.0.0 以下)　Cross-Site Request Forgery To Plugin’s Settings Modification And Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 8.8

【plugin】『EM Beer Manager』(versions 3.2.3 以下)　Authenticated (Subscriber+) Arbitrary File Uploadの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.3

【plugin】『Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One』(versions 2.0.7 – 2.2.6)　Missing Authorization to Authenticated (Subscriber+) Post Creationの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.1

【plugin】『MapMap』(versions 1.1 以下)　Cross-Site Request Forgery to Settings Update and Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 9.8

【plugin】『CE21 Suite』(versions 2.2.1 – 2.3.1)　Missing Authorization to Unauthenticated Privilege Escalation via Plugin Settings Updateの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.4

【plugin】『Extensions for Leaflet Map』(versions 4.7 以下)　Authenticated (Contributor+) Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.1

【plugin】『LMB^Box Smileys』(versions 3.2 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 5.3

【plugin】『Simple User Capabilities』(versions 1.0 以下)　Missing Authorization to Unauthenticated Capability Resetの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 7.5

【plugin】『Crypto Payment Gateway with Payeer for WooCommerce』(versions 1.0.3 以下)　Unauthenticated Payment Bypassの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.4

【plugin】『TablePress – Tables in WordPress made easy』(versions 3.2.4 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributesの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 5.4

【plugin】『WPCF7 Stop words』(versions 1.1.3 以下)　Cross-Site Request Forgery to Settings Updateの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.5

【plugin】『All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier』(versions 2.0.3 以下)　Missing Authorization to Page Creation and Information Exposureの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.1

【plugin】『SH Contextual Help』(versions 3.2.1 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 6.1

【plugin】『Pagerank tools』(versions 1.1.5 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.4

【plugin】『Free Quotation』(versions 3.1.6 以下)　Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 5.3

【plugin】『DominoKit』(versions 1.1.0 以下)　Missing Authorization to Unauthenticated Settings Updateの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 8.8

【plugin】『Master Blocks – Ultimate Gutenberg Blocks for Marketers』(versions 1.4.1.3 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 8.8

【plugin】『Image Comparison Addon for Elementor』(versions 1.0.2.2 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 8.8

【plugin】『Image Hover Effects for Elementor』(versions 1.0.2.3 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 8.8

【plugin】『Content Locker for Elementor』(versions 1.0.3 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.3

【plugin】『ViaAds』(versions 2.1.1 以下)　Cross-Site Request Forgery to API Key Updateの脆弱性

2025.11.04

カテゴリーなし

脆弱性情報

重大性 4.3

【plugin】『Posts Navigation Links for Sections and Headings – Free by WP Masters』(versions 1.0.1 以下)　Cross-Site Request Forgery to Settings Updateの脆弱性

2025.11.04

カテゴリーなし

WordPress脆弱性情報

"キーワード指定なし"

【plugin】『File Manager for Google Drive – Integrate Google Drive』(versions 1.5.3 以下) Unauthenticated Sensitive Information Exposureの脆弱性

【plugin】『Visual Link Preview』(versions 2.2.7 以下) Authenticated (Contributor+) Stored Cross-Site Scripting via visual-link-preview Shortcodeの脆弱性

【plugin】『FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce』(versions 3.6.4.1 以下) Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sendingの脆弱性

【plugin】『Spectra Gutenberg Blocks – Website Builder for the Block Editor』(versions 2.19.14 以下) Authenticated (Contributor+) Stored Cross-Site Scripting via Custom CSSの脆弱性

【plugin】『Features』(versions 0 未満) Missing Authorization to Authenticated (Subscriber+) Option Resetの脆弱性

【plugin】『Premium Portfolio Features for Phlox theme』(versions 2.3.10 以下) Unauthenticated Local File Inclusion via args[extra_template_path]の脆弱性

【plugin】『WPeMatico RSS Feed Fetcher』(versions 2.8.11 以下) Authenticated (Subscriber+) Server-Side Request Forgery via wpematico_test_feedの脆弱性

【plugin】『Graphina – Charts and Graphs For Elementor』(versions 3.1.8 以下) Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Widgetsの脆弱性

【plugin】『Everest Forms Pro』(versions 1.9.7 以下) Unauthenticated PHP Object Injection via PHAR Deserialization in Form Signatureの脆弱性

【plugin】『FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce』(versions 3.6.4.1 以下) Unauthenticated Sensitive Information Exposureの脆弱性

【plugin】『AI Engine』(versions 3.1.3 以下) Unauthenticated Sensitive Information Exposure to Privilege Escalationの脆弱性

【plugin】『Associados Amazon Plugin』(versions 0.8 以下) Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Reuse Builder』(versions 1.7 以下) Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodeの脆弱性

【plugin】『clubmember』(versions 0.2 以下) Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

【plugin】『Simple User Capabilities』(versions 1.0 以下) Missing Authorization to Authenticated (Subscriber+) Privilege Escalationの脆弱性

【plugin】『Bootstrap Multi-language Responsive Portfolio』(versions 1.0 以下) Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

【plugin】『Greenshift – animation and page builder blocks』(versions 12.2.7 以下) Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Data Attributesの脆弱性

【plugin】『WP Carticon』(versions 1.0.0 以下) Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

【plugin】『Footnotes Made Easy』(versions 3.0.7 以下) Unauthenticated Stored Cross-Site Scriptingの脆弱性

【plugin】『Visit Counter』(versions 1.0 – 1.0) Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『WP Global Screen Options』(versions 0.2 以下) Cross-Site Request Forgery to Screen Options Updateの脆弱性

【plugin】『Elegance Menu』(versions 1.9 以下) Authenticated (Contributor+) Local File Inclusionの脆弱性

【plugin】『MeetingList』(versions 0.11 以下) Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

【plugin】『Import Export For WooCommerce』(versions 1.6.2 以下) Missing Authorization to Authenticated (Subscriber+) Settings Updateの脆弱性

【plugin】『Nari Accountant』(versions 1.0.12 以下) Authenticated (Editor+) Stored Cross-Site Scriptingの脆弱性

【plugin】『CE21 Suite』(versions 2.3.1 以下) Unauthenticated Sensitive Information Exposure to Privilege Escalationの脆弱性

【plugin】『Label Plugins』(versions 0.5 以下) Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『LinkedIn Resume』(versions 2.00 以下) Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Centangle-Team』(versions 1.0.0 以下) Cross-Site Request Forgery To Plugin’s Settings Modification And Stored Cross-Site Scriptingの脆弱性

【plugin】『EM Beer Manager』(versions 3.2.3 以下) Authenticated (Subscriber+) Arbitrary File Uploadの脆弱性

【plugin】『Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One』(versions 2.0.7 – 2.2.6) Missing Authorization to Authenticated (Subscriber+) Post Creationの脆弱性

【plugin】『MapMap』(versions 1.1 以下) Cross-Site Request Forgery to Settings Update and Stored Cross-Site Scriptingの脆弱性

【plugin】『CE21 Suite』(versions 2.2.1 – 2.3.1) Missing Authorization to Unauthenticated Privilege Escalation via Plugin Settings Updateの脆弱性

【plugin】『Extensions for Leaflet Map』(versions 4.7 以下) Authenticated (Contributor+) Stored Cross-Site Scriptingの脆弱性

【plugin】『LMB^Box Smileys』(versions 3.2 以下) Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Simple User Capabilities』(versions 1.0 以下) Missing Authorization to Unauthenticated Capability Resetの脆弱性

【plugin】『Crypto Payment Gateway with Payeer for WooCommerce』(versions 1.0.3 以下) Unauthenticated Payment Bypassの脆弱性

【plugin】『TablePress – Tables in WordPress made easy』(versions 3.2.4 以下) Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributesの脆弱性

【plugin】『WPCF7 Stop words』(versions 1.1.3 以下) Cross-Site Request Forgery to Settings Updateの脆弱性

【plugin】『All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier』(versions 2.0.3 以下) Missing Authorization to Page Creation and Information Exposureの脆弱性

【plugin】『SH Contextual Help』(versions 3.2.1 以下) Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Pagerank tools』(versions 1.1.5 以下) Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Free Quotation』(versions 3.1.6 以下) Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

【plugin】『DominoKit』(versions 1.1.0 以下) Missing Authorization to Unauthenticated Settings Updateの脆弱性

【plugin】『Master Blocks – Ultimate Gutenberg Blocks for Marketers』(versions 1.4.1.3 以下) Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

【plugin】『Image Comparison Addon for Elementor』(versions 1.0.2.2 以下) Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

【plugin】『Image Hover Effects for Elementor』(versions 1.0.2.3 以下) Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

【plugin】『Content Locker for Elementor』(versions 1.0.3 以下) Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

【plugin】『ViaAds』(versions 2.1.1 以下) Cross-Site Request Forgery to API Key Updateの脆弱性

【plugin】『Posts Navigation Links for Sections and Headings – Free by WP Masters』(versions 1.0.1 以下) Cross-Site Request Forgery to Settings Updateの脆弱性

【plugin】『File Manager for Google Drive – Integrate Google Drive』(versions 1.5.3 以下)　Unauthenticated Sensitive Information Exposureの脆弱性

【plugin】『Visual Link Preview』(versions 2.2.7 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via visual-link-preview Shortcodeの脆弱性

【plugin】『FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce』(versions 3.6.4.1 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sendingの脆弱性

【plugin】『Spectra Gutenberg Blocks – Website Builder for the Block Editor』(versions 2.19.14 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via Custom CSSの脆弱性

【plugin】『Features』(versions 0 未満)　Missing Authorization to Authenticated (Subscriber+) Option Resetの脆弱性

【plugin】『Premium Portfolio Features for Phlox theme』(versions 2.3.10 以下)　Unauthenticated Local File Inclusion via args[extra_template_path]の脆弱性

【plugin】『WPeMatico RSS Feed Fetcher』(versions 2.8.11 以下)　Authenticated (Subscriber+) Server-Side Request Forgery via wpematico_test_feedの脆弱性

【plugin】『Graphina – Charts and Graphs For Elementor』(versions 3.1.8 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Widgetsの脆弱性

【plugin】『Everest Forms Pro』(versions 1.9.7 以下)　Unauthenticated PHP Object Injection via PHAR Deserialization in Form Signatureの脆弱性

【plugin】『FunnelKit Automations – Email Marketing Automation and CRM for WordPress & WooCommerce』(versions 3.6.4.1 以下)　Unauthenticated Sensitive Information Exposureの脆弱性

【plugin】『AI Engine』(versions 3.1.3 以下)　Unauthenticated Sensitive Information Exposure to Privilege Escalationの脆弱性

【plugin】『Associados Amazon Plugin』(versions 0.8 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Reuse Builder』(versions 1.7 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcodeの脆弱性

【plugin】『clubmember』(versions 0.2 以下)　Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

【plugin】『Simple User Capabilities』(versions 1.0 以下)　Missing Authorization to Authenticated (Subscriber+) Privilege Escalationの脆弱性

【plugin】『Bootstrap Multi-language Responsive Portfolio』(versions 1.0 以下)　Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

【plugin】『Greenshift – animation and page builder blocks』(versions 12.2.7 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Data Attributesの脆弱性

【plugin】『WP Carticon』(versions 1.0.0 以下)　Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

【plugin】『Footnotes Made Easy』(versions 3.0.7 以下)　Unauthenticated Stored Cross-Site Scriptingの脆弱性

【plugin】『Visit Counter』(versions 1.0 – 1.0)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『WP Global Screen Options』(versions 0.2 以下)　Cross-Site Request Forgery to Screen Options Updateの脆弱性

【plugin】『Elegance Menu』(versions 1.9 以下)　Authenticated (Contributor+) Local File Inclusionの脆弱性

【plugin】『MeetingList』(versions 0.11 以下)　Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

【plugin】『Import Export For WooCommerce』(versions 1.6.2 以下)　Missing Authorization to Authenticated (Subscriber+) Settings Updateの脆弱性

【plugin】『Nari Accountant』(versions 1.0.12 以下)　Authenticated (Editor+) Stored Cross-Site Scriptingの脆弱性

【plugin】『CE21 Suite』(versions 2.3.1 以下)　Unauthenticated Sensitive Information Exposure to Privilege Escalationの脆弱性

【plugin】『Label Plugins』(versions 0.5 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『LinkedIn Resume』(versions 2.00 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Centangle-Team』(versions 1.0.0 以下)　Cross-Site Request Forgery To Plugin’s Settings Modification And Stored Cross-Site Scriptingの脆弱性

【plugin】『EM Beer Manager』(versions 3.2.3 以下)　Authenticated (Subscriber+) Arbitrary File Uploadの脆弱性

【plugin】『Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One』(versions 2.0.7 – 2.2.6)　Missing Authorization to Authenticated (Subscriber+) Post Creationの脆弱性

【plugin】『MapMap』(versions 1.1 以下)　Cross-Site Request Forgery to Settings Update and Stored Cross-Site Scriptingの脆弱性

【plugin】『CE21 Suite』(versions 2.2.1 – 2.3.1)　Missing Authorization to Unauthenticated Privilege Escalation via Plugin Settings Updateの脆弱性

【plugin】『Extensions for Leaflet Map』(versions 4.7 以下)　Authenticated (Contributor+) Stored Cross-Site Scriptingの脆弱性

【plugin】『LMB^Box Smileys』(versions 3.2 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Simple User Capabilities』(versions 1.0 以下)　Missing Authorization to Unauthenticated Capability Resetの脆弱性

【plugin】『Crypto Payment Gateway with Payeer for WooCommerce』(versions 1.0.3 以下)　Unauthenticated Payment Bypassの脆弱性

【plugin】『TablePress – Tables in WordPress made easy』(versions 3.2.4 以下)　Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributesの脆弱性

【plugin】『WPCF7 Stop words』(versions 1.1.3 以下)　Cross-Site Request Forgery to Settings Updateの脆弱性

【plugin】『All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier』(versions 2.0.3 以下)　Missing Authorization to Page Creation and Information Exposureの脆弱性

【plugin】『SH Contextual Help』(versions 3.2.1 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Pagerank tools』(versions 1.1.5 以下)　Cross-Site Request Forgery to Stored Cross-Site Scriptingの脆弱性

【plugin】『Free Quotation』(versions 3.1.6 以下)　Authenticated (Admin+) Stored Cross-Site Scriptingの脆弱性

【plugin】『DominoKit』(versions 1.1.0 以下)　Missing Authorization to Unauthenticated Settings Updateの脆弱性

【plugin】『Master Blocks – Ultimate Gutenberg Blocks for Marketers』(versions 1.4.1.3 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

【plugin】『Image Comparison Addon for Elementor』(versions 1.0.2.2 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

【plugin】『Image Hover Effects for Elementor』(versions 1.0.2.3 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

【plugin】『Content Locker for Elementor』(versions 1.0.3 以下)　Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Uploadの脆弱性

【plugin】『ViaAds』(versions 2.1.1 以下)　Cross-Site Request Forgery to API Key Updateの脆弱性

【plugin】『Posts Navigation Links for Sections and Headings – Free by WP Masters』(versions 1.0.1 以下)　Cross-Site Request Forgery to Settings Updateの脆弱性