CVE-2026-3878
- EPSS 0.01%
- Veröffentlicht 16.04.2026 03:36:36
- Zuletzt bearbeitet 16.04.2026 04:17:09
The WP Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdocs_options[icon_size]' parameter in all versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2026-24990
- EPSS 0.05%
- Veröffentlicht 03.02.2026 14:08:36
- Zuletzt bearbeitet 15.04.2026 00:35:42
Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through <= 2.2.8.
CVE-2025-31417
- EPSS 0.12%
- Veröffentlicht 31.03.2025 06:15:31
- Zuletzt bearbeitet 15.04.2026 00:35:42
Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through < 2.2.7.
CVE-2024-35695
- EPSS 0.14%
- Veröffentlicht 08.06.2024 15:15:52
- Zuletzt bearbeitet 21.11.2024 09:20:40
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.1.3.