CVE-2026-3878
- EPSS 0.21%
- Veröffentlicht 16.04.2026 03:36:36
- Zuletzt bearbeitet 22.04.2026 20:23:16
The WP Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdocs_options[icon_size]' parameter in all versions up to, and including, 2.2.9 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2026-24990
- EPSS 0.17%
- Veröffentlicht 03.02.2026 14:08:36
- Zuletzt bearbeitet 15.04.2026 00:35:42
Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through <= 2.2.8.
CVE-2025-31417
- EPSS 0.2%
- Veröffentlicht 31.03.2025 06:15:31
- Zuletzt bearbeitet 23.04.2026 15:27:47
Missing Authorization vulnerability in Fahad Mahmood WP Docs wp-docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through < 2.2.7.
CVE-2024-35695
- EPSS 0.28%
- Veröffentlicht 08.06.2024 15:15:52
- Zuletzt bearbeitet 21.11.2024 09:20:40
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.1.3.