Vulnerabilities > Pluginus > Wolf Wordpress Posts Bulk Editor AND Products Manager Professional

DATE CVE VULNERABILITY TITLE RISK
2025-02-03 CVE-2025-24605 Path Traversal vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in realmag777 WOLF allows Path Traversal.
network
low complexity
pluginus CWE-22
7.2
7.2
2024-11-14 CVE-2024-52396 Path Traversal vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in realmag777 WOLF allows Path Traversal.This issue affects WOLF: from n/a through 1.0.8.3.
network
low complexity
pluginus CWE-22
8.8
8.8
2024-05-08 CVE-2024-34558 Unspecified vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF allows Stored XSS.This issue affects WOLF: from n/a through 1.0.8.2.
network
low complexity
pluginus
4.8
4.8
2024-04-10 CVE-2024-31430 Unspecified vulnerability in Pluginus products
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional, realmag777 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.1; BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net: from n/a through 1.1.4.1.
network
low complexity
pluginus
8.8
8.8
2024-02-05 CVE-2024-0790 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8.1.
network
low complexity
pluginus CWE-352
4.3
4.3
2024-02-05 CVE-2024-0791 Missing Authorization vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions in all versions up to, and including, 1.0.8.1.
network
low complexity
pluginus CWE-862
4.3
4.3
2024-01-31 CVE-2024-22159 Cross-site Scripting vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.
network
low complexity
pluginus CWE-79
6.1
6.1
2023-10-25 CVE-2023-46152 Unspecified vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7.1 versions.
network
low complexity
pluginus
8.8
8.8
2023-10-17 CVE-2023-44990 Cross-site Scripting vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Auth.
network
low complexity
pluginus CWE-79
4.8
4.8
2023-08-18 CVE-2023-31218 Unspecified vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions.
network
low complexity
pluginus
6.1
6.1