Wordpress 漏洞列表
共找到 200 个与 Wordpress 相关的漏洞
📅 加载漏洞趋势中...
- 2025-11-18WordPress Kognetiks Chatbot for WordPress <= 2.0.0 任意文件上传漏洞
- 2025-11-18WordPress Verbalize WP 存在任意文件上传漏洞(CVE-2024-49668)
- POC 2025-11-14CVE-2021-4374: WordPress Automatic Plugin - Unauthenticated Options Change
- POC 2025-11-14CVE-2025-11749: WordPress AI Engine Plugin - Token Exposure
- 2025-11-14WordPress WooCommerce Designer Pro 插件 /wp-admin/admin-ajax.php wcdp_save_canvas_design_ajax 文件上传漏洞(CVE-2025-6440)
- POC 2025-11-11CVE-2025-4302: Stop User Enumeration WordPress plugin - Authentication Bypass
- 2025-11-07WordPress Google for WooCommerce /wp-content/plugins/google-listings-and-ads/vendor/googleads/google-ads-php/scripts/print_php_information.php 信息泄露漏洞(CVE-2024-10486)
- 2025-11-07WordPress Events Manager /wp-admin/admin-ajax.php SQL 注入漏洞(CVE-2025-6970)
- 2025-10-17wordpress /wp-json/wp/v2/users 信息泄露漏洞
- 2025-10-14WordPress plugin WP JobHunt 跨站脚本漏洞
- 2025-09-26WordPress Featured Image from URL plugin信息泄露漏洞(CVE-2025-9985)
- 2025-09-19Wordpress Plugin Depicter /wp-admin/admin-ajax.php depicter-lead-list SQL 注入漏洞(CVE-2025-2011)
- 2025-09-19Wordpress Plugin Eventin /wp-admin/admin-ajax.php proxy_image 文件读取漏洞(CVE-2025-3419)
- 2025-09-19Wordpress Plugin Ultimate Auction Pro /wp-admin/admin-ajax.php uwa_see_more_bids_ajax SQL 注入漏洞 (CVE-2025-4204)
- 2025-09-19Wordpress WooCommerce Ultimate Gift Card /wp-admin/admin-ajax.php mwb_wgm_preview_mail 文件上传漏洞(CVE-2024-8425)
- 2025-09-11WordPress Ditty 存在 SSRF 漏洞(CVE-2025-8085)
- 2025-09-02WordPress plugin Events Addon for Elementor 跨站脚本漏洞
- 2025-09-02WordPress plugin Related Posts Lite 跨站请求伪造漏洞
- 2025-09-02WordPress plugin TablePress 跨站脚本漏洞
- 2025-09-02WordPress plugin Ocean Extra 跨站脚本漏洞
- 2025-09-01CVE-2019-19985: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - Unauthenticated File Download
- 2025-09-01wordpress-ext-adaptive-images-lfi: Wordpress Ext Adaptive Images lfi
- 2025-09-01wordpress-ext-mailpress-rce: Wordpress Ext Mailpress RCE
- 2025-09-01wordpress-install: WordPress Exposed Installation
- 2025-09-01wordpress-wpconfig-inclosure: Wordpress wpconfig disclosure
- 2025-08-29WordPress plugin Xagio SEO 信息泄露漏洞
- 2025-08-25WordPress Ajar in5 Embed 插件 /wp-admin/admin-ajax.php in5 文件上传漏洞(CVE-2024-50473)
- 2025-08-22WordPress JS Help Desk /wp-admin/admin.php 代码执行漏洞(CVE-2024-7094)
- 2025-08-22WordPress InstaWP Connect 插件 / rest_route 文件上传漏洞(CVE-2024-2667)
- 2025-08-21WordPress Business Directory 插件 /business-directory SQL 注入漏洞(CVE-2024-4443)
- 2025-08-21WordPress Automatic 插件 /wp-content/plugins/wp-automatic/inc/csv.php SQL 注入漏洞(CVE-2024-27956)
- 2025-08-21WordPress Plugin email-subscribers /wp-admin/admin-post.php advanced_filter SQL 注入漏洞(CVE-2024-2876)
- 2025-08-21WordPress Ninja Tables Plugin /wp-admin/admin-ajax.php url 文件读取漏洞
- 2025-08-21WordPress的Ninja Tables插件(版本<4.1.9)存在未经验证的任意文件下载漏洞
- 2025-08-21WordPress Events Manager <= 7.0.3 SQL注入漏洞(CVE-2025-6970)
- 2025-08-08WordPress CZ Loan Management <= 1.1 /wp-admin/admin-ajax.php SQL 注入漏洞 (CVE-2024-5975)
- 2025-08-08WordPress TrueBooker WordPress插件 /wp-content/plugins/truebooker-appointment-booking/main/truebooker-service-price.php SQL 注入漏洞 (CVE-2024-6924)
- 2025-08-08WordPress Web Directory Free < 1.7.0 /wp-admin/admin-ajax.php SQL 注入漏洞 (CVE-2024-3552)
- 2025-08-08WordPress LayerSlider 插件 /wp-admin/admin-ajax.php id SQL 注入漏洞(CVE-2024-2879)
- 2025-08-08WordPress Verbalize 插件 /wp-admin/admin-ajax.php generate_code 文件上传漏洞(CVE-2024-49668)
- POC 2025-08-01CVE-2022-29455-headless: WordPress Elementor Website Builder <= 3.5.5 - DOM Cross-Site Scripting
- POC 2025-08-01CVE-2008-1059: WordPress Sniplets 1.1.2 - Local File Inclusion
- POC 2025-08-01CVE-2008-1061: WordPress Sniplets <=1.2.2 - Cross-Site Scripting
- POC 2025-08-01CVE-2011-5106: WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting
- POC 2025-08-01CVE-2011-5265: Featurific For WordPress 1.6.2 - Cross-Site Scripting
- POC 2025-08-01CVE-2012-1835: WordPress Plugin All-in-One Event Calendar 1.4 - Cross-Site Scripting
- POC 2025-08-01CVE-2012-4242: WordPress Plugin MF Gig Calendar 0.9.2 - Cross-Site Scripting
- POC 2025-08-01CVE-2012-4768: WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting
- POC 2025-08-01CVE-2012-5913: WordPress Integrator 1.32 - Cross-Site Scripting
- POC 2025-08-01CVE-2012-6499: WordPress Plugin Age Verification v0.4 - Open Redirect
- POC 2025-08-01CVE-2013-2287: WordPress Plugin Uploader 1.0.4 - Cross-Site Scripting
- POC 2025-08-01CVE-2013-3526: WordPress Plugin Traffic Analyzer - 'aoid' Cross-Site Scripting
- POC 2025-08-01CVE-2013-4117: WordPress Plugin Category Grid View Gallery 2.3.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2013-4625: WordPress Plugin Duplicator < 0.4.5 - Cross-Site Scripting
- POC 2025-08-01CVE-2013-6281: WordPress Spreadsheet - Cross-Site Scripting
- POC 2025-08-01CVE-2013-7240: WordPress Plugin Advanced Dewplayer 1.2 - Directory Traversal
- POC 2025-08-01CVE-2014-4940: WordPress Plugin Tera Charts - Local File Inclusion
- POC 2025-08-01CVE-2014-4942: WordPress EasyCart <2.0.6 - Information Disclosure
- POC 2025-08-01CVE-2014-5368: WordPress Plugin WP Content Source Control - Directory Traversal
- POC 2025-08-01CVE-2014-8799: WordPress Plugin DukaPress 2.5.2 - Directory Traversal
- POC 2025-08-01CVE-2014-9094: WordPress DZS-VideoGallery Plugin Cross-Site Scripting
- POC 2025-08-01CVE-2014-9119: WordPress DB Backup <=4.5 - Local File Inclusion
- POC 2025-08-01CVE-2014-9735: WordPress RevSlider - Remote Code Execution via File Upload
- POC 2025-08-01CVE-2015-1000005: WordPress Candidate Application Form <= 1.3 - Local File Inclusion
- POC 2025-08-01CVE-2015-1000010: WordPress Simple Image Manipulator < 1.0 - Local File Inclusion
- POC 2025-08-01CVE-2015-1000012: WordPress MyPixs <=0.3 - Local File Inclusion
- POC 2025-08-01CVE-2015-1579: WordPress Slider Revolution - Local File Disclosure
- POC 2025-08-01CVE-2015-2196: WordPress Spider Calendar <=1.4.9 - SQL Injection
- POC 2025-08-01CVE-2015-2755: WordPress AB Google Map Travel <=3.4 - Stored Cross-Site Scripting
- POC 2025-08-01CVE-2015-4062: WordPress NewStatPress 0.9.8 - SQL Injection
- POC 2025-08-01CVE-2015-4127: WordPress Church Admin <0.810 - Cross-Site Scripting
- POC 2025-08-01CVE-2015-4414: WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal
- POC 2025-08-01CVE-2015-4455: WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload
- POC 2025-08-01CVE-2015-4694: WordPress Zip Attachments <= 1.1.4 - Arbitrary File Retrieval
- POC 2025-08-01CVE-2015-5461: WordPress StageShow <5.0.9 - Open Redirect
- POC 2025-08-01CVE-2015-5469: WordPress MDC YouTube Downloader 2.1.0 - Local File Inclusion
- POC 2025-08-01CVE-2015-6920: WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting
- POC 2025-08-01CVE-2015-7377: WordPress Pie-Register <2.0.19 - Cross-Site Scripting
- POC 2025-08-01CVE-2015-9414: WordPress Symposium <=15.8.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2015-9480: WordPress RobotCPA 5 - Directory Traversal
- POC 2025-08-01CVE-2015-9499: WordPress ShowBiz Pro <= 1.7.1 - Authenticated Arbitrary File Upload to RCE
- POC 2025-08-01CVE-2016-1000126: WordPress Admin Font Editor <=1.8 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000127: WordPress AJAX Random Post <=2.00 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000128: WordPress anti-plagiarism <=3.60 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000129: WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000130: WordPress e-search <=1.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000131: WordPress e-search <=1.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000132: WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000133: WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000134: WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000135: WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000136: WordPress heat-trackr 1.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000137: WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000138: WordPress Admin Font Editor <=1.8 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000139: WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000140: WordPress New Year Firework <=1.1.9 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000141: WordPress Page Layout builder v1.9.3 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000142: WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000143: WordPress Photoxhibit 2.1.8 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000146: WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000148: WordPress S3 Video <=0.983 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000149: WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000152: WordPress Tidio-form <=1.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000153: WordPress Tidio Gallery <=1.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000154: WordPress WHIZZ <=1.0.7 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-1000155: WordPress WPSOLR <=8.6 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-10033: WordPress PHPMailer < 5.2.18 - Remote Code Execution
- POC 2025-08-01CVE-2016-10924: Wordpress Zedna eBook download <1.2 - Local File Inclusion
- POC 2025-08-01CVE-2016-10940: WordPress zm-gallery plugin 1.0 SQL Injection
- POC 2025-08-01CVE-2016-10956: WordPress Mail Masta 1.0 - Local File Inclusion
- POC 2025-08-01CVE-2016-10960: WordPress wSecure Lite < 2.4 - Remote Code Execution
- POC 2025-08-01CVE-2016-10973: Brafton WordPress Plugin < 3.4.8 - Cross-Site Scripting
- POC 2025-08-01CVE-2016-15042: WordPress Frontend File Manager < 4.0 & N-Media Post Frontend < 1.1 - Arbitrary File Upload
- POC 2025-08-01CVE-2017-1000170: WordPress Delightful Downloads Jquery File Tree 2.1.5 - Local File Inclusion
- POC 2025-08-01CVE-2017-14622: WordPress 2kb Amazon Affiliates Store <2.1.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2017-17043: WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2017-17059: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting
- POC 2025-08-01CVE-2017-17451: WordPress Mailster <=1.5.4 - Cross-Site Scripting
- POC 2025-08-01CVE-2017-18536: WordPress Stop User Enumeration <=1.3.7 - Cross-Site Scripting
- POC 2025-08-01CVE-2017-18598: WordPress Qards - Cross-Site Scripting
- POC 2025-08-01CVE-2017-9288: WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2018-11709: WordPress wpForo Forum <= 1.4.11 - Cross-Site Scripting
- POC 2025-08-01CVE-2018-16159: WordPress Gift Voucher <4.1.8 - Blind SQL Injection
- POC 2025-08-01CVE-2018-16283: WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion
- POC 2025-08-01CVE-2018-16299: WordPress Localize My Post 1.0 - Local File Inclusion
- POC 2025-08-01CVE-2018-18069: WordPress sitepress-multilingual-cms 3.6.3 - Cross-Site Scripting
- POC 2025-08-01CVE-2018-19287: WordPress Ninja Forms <3.3.18 - Cross-Site Scripting
- POC 2025-08-01CVE-2018-20462: WordPress JSmol2WP <=1.07 - Cross-Site Scripting
- POC 2025-08-01CVE-2018-20463: WordPress JSmol2WP <=1.07 - Local File Inclusion
- POC 2025-08-01CVE-2018-20985: WordPress Payeezy Pay <=2.97 - Local File Inclusion
- POC 2025-08-01CVE-2018-3810: Oturia WordPress Smart Google Code Inserter <3.5 - Authentication Bypass
- POC 2025-08-01CVE-2018-5316: WordPress SagePay Server Gateway for WooCommerce <1.0.9 - Cross-Site Scripting
- POC 2025-08-01CVE-2018-7422: WordPress Site Editor <=1.1.1 - Local File Inclusion
- POC 2025-08-01CVE-2018-8719: WordPress WP Security Audit Log 3.1.1 - Information Disclosure
- POC 2025-08-01CVE-2018-9118: WordPress 99 Robots WP Background Takeover Advertisements <=4.1.4 - Local File Inclusion
- POC 2025-08-01CVE-2019-10692: WordPress Google Maps <7.11.18 - SQL Injection
- POC 2025-08-01CVE-2019-11869: WordPress Yuzo <5.12.94 - Cross-Site Scripting
- POC 2025-08-01CVE-2019-14205: WordPress Nevma Adaptive Images <0.6.67 - Local File Inclusion
- POC 2025-08-01CVE-2019-14470: WordPress UserPro 4.9.32 - Cross-Site Scripting
- POC 2025-08-01CVE-2019-15713: WordPress My Calendar <= 3.1.9 - Cross-Site Scripting
- POC 2025-08-01CVE-2019-15858: WordPress Woody Ad Snippets <2.2.5 - Cross-Site Scripting/Remote Code Execution
- POC 2025-08-01CVE-2019-15889: WordPress Download Manager <2.9.94 - Cross-Site Scripting
- POC 2025-08-01CVE-2019-16332: WordPress API Bearer Auth <20190907 - Cross-Site Scripting
- POC 2025-08-01CVE-2019-16525: WordPress Checklist <1.1.9 - Cross-Site Scripting
- POC 2025-08-01CVE-2019-16931: WordPress Visualizer <3.3.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2019-19134: WordPress Hero Maps Premium <=2.2.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2019-19985: WordPress Email Subscribers & Newsletters <4.2.3 - Arbitrary File Retrieval
- POC 2025-08-01CVE-2019-20141: WordPress Laborator Neon Theme 2.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2019-20210: WordPress CTHthemes - Cross-Site Scripting
- POC 2025-08-01CVE-2019-6112: WordPress Sell Media 2.4.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2019-8943: WordPress Core 5.0.0 - Crop-image Shell Upload
- POC 2025-08-01CVE-2019-9618: WordPress GraceMedia Media Player 1.0 - Local File Inclusion
- POC 2025-08-01CVE-2019-9978: WordPress Social Warfare <3.5.3 - Cross-Site Scripting
- POC 2025-08-01CVE-2020-11530: WordPress Chop Slider 3 - Blind SQL Injection
- POC 2025-08-01CVE-2020-11738: WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion
- POC 2025-08-01CVE-2020-11930: WordPress GTranslate <2.8.52 - Cross-Site Scripting
- POC 2025-08-01CVE-2020-12054: WordPress Catch Breadcrumb <1.5.4 - Cross-Site Scripting
- POC 2025-08-01CVE-2020-12800: WordPress Contact Form 7 <1.3.3.3 - Remote Code Execution
- POC 2025-08-01CVE-2020-13700: WordPress acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference
- POC 2025-08-01CVE-2020-14092: WordPress PayPal Pro <1.1.65 - SQL Injection
- POC 2025-08-01CVE-2020-24186: WordPress wpDiscuz <=7.0.4 - Remote Code Execution
- POC 2025-08-01CVE-2020-24312: WordPress Plugin File Manager (wp-file-manager) Backup Disclosure
- POC 2025-08-01CVE-2020-25213: WordPress File Manager Plugin - Remote Code Execution
- POC 2025-08-01CVE-2020-26876: WordPress WP Courses Plugin Information Disclosure
- POC 2025-08-01CVE-2020-28976: WordPress Canto 1.3.0 - Blind Server-Side Request Forgery
- POC 2025-08-01CVE-2020-29395: Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting
- POC 2025-08-01CVE-2020-35749: WordPress Simple Job Board <2.9.4 - Local File Inclusion
- POC 2025-08-01CVE-2020-35951: Wordpress Quiz and Survey Master <7.0.1 - Arbitrary File Deletion
- POC 2025-08-01CVE-2020-36510: WordPress 15Zine <3.3.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2020-36708: WordPress Epsilon Framework Themes <=2.4.8 - Remote Code Execution
- POC 2025-08-01CVE-2020-36728: WordPress Plugin Adning Advertising < 1.5.6 - Arbitrary File Upload
- POC 2025-08-01CVE-2020-36836: WordPress WP Fastest Cache <= 0.9.0.2 - Authenticated Arbitrary File Deletion
- POC 2025-08-01CVE-2020-7107: WordPress Ultimate FAQ <1.8.30 - Cross-Site Scripting
- POC 2025-08-01CVE-2020-8615: Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery
- POC 2025-08-01CVE-2020-8771: WordPress Time Capsule < 1.21.16 - Authentication Bypass
- POC 2025-08-01CVE-2020-8772: WordPress InfiniteWP <1.9.4.5 - Authorization Bypass
- POC 2025-08-01CVE-2020-9043: WordPress wpCentral <1.5.1 - Information Disclosure
- POC 2025-08-01CVE-2021-20792: WordPress Quiz and Survey Master <7.1.14 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24145: WordPress Modern Events Calendar Lite <5.16.5 - Authenticated Arbitrary File Upload
- POC 2025-08-01CVE-2021-24146: WordPress Modern Events Calendar Lite <5.16.5 - Sensitive Information Disclosure
- POC 2025-08-01CVE-2021-24150: WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery
- POC 2025-08-01CVE-2021-24155: WordPress BackupGuard <1.6.0 - Authenticated Arbitrary File Upload
- POC 2025-08-01CVE-2021-24165: WordPress Ninja Forms <3.4.34 - Open Redirect
- POC 2025-08-01CVE-2021-24169: WordPress Advanced Order Export For WooCommerce <3.1.8 - Authenticated Cross-Site Scripting
- POC 2025-08-01CVE-2021-24176: WordPress JH 404 Logger <=1.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24210: WordPress PhastPress <1.111 - Open Redirect
- POC 2025-08-01CVE-2021-24214: WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24215: Controlled Admin Access WordPress Plugin <= 1.4.0 - Improper Access Control & Privilege Escalation
- POC 2025-08-01CVE-2021-24227: Patreon WordPress <1.7.0 - Unauthenticated Local File Inclusion
- POC 2025-08-01CVE-2021-24235: WordPress Goto Tour & Travel Theme <2.0 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24236: WordPress Imagements <=1.2.5 - Arbitrary File Upload
- POC 2025-08-01CVE-2021-24237: WordPress Realteo <=1.2.3 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24239: WordPress Pie Register <3.7.0.1 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24245: WordPress Stop Spammers <2021.9 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24274: WordPress Supsystic Ultimate Maps <1.2.5 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24276: WordPress Supsystic Contact Form <1.7.15 - Cross-Site Scripting
- POC 2025-08-01CVE-2021-24278: WordPress Contact Form 7 <2.3.4 - Arbitrary Nonce Generation
- POC 2025-08-01CVE-2021-24284: WordPress Kaswara Modern VC Addons <=3.0.1 - Arbitrary File Upload
- POC 2025-08-01CVE-2021-24285: WordPress Car Seller - Auto Classifieds Script - SQL Injection
- POC 2025-08-01CVE-2021-24286: WordPress Plugin Redirect 404 to Parent 1.3.0 - Cross-Site Scripting