Wolf – Wordpress Posts Bulk Editor And Manager Professional
Approved changes feed: RSS · Atom
cpe:2.3:a:realmag777:wolf_–_wordpress_posts_bulk_editor_and_manager_professional:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Realmag777 (367987aa-9884-5ea5-b6ea-639a360f4171) |
|---|---|
| Product | Wolf – Wordpress Posts Bulk Editor And Manager Professional (0130271d-6134-51ef-a207-d5b744710f74) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-31430 |
vulnerable | 2026-06-03 14:55:39.727404 |
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 BEAR and WOLF WordPress plugins
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional, realmag777 BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.1; BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net: from n/a through 1.1.4.1.
Published: 2024-04-10T19:10:01.565Z
Updated: 2026-04-28T16:09:32.274Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-22159 |
vulnerable | 2026-06-03 14:54:59.894572 |
WordPress WOLF Plugin <= 1.0.8 is vulnerable to Cross Site Scripting (XSS)
HIGH (7.1)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.
Published: 2024-01-31T18:12:04.015Z
Updated: 2026-04-28T16:09:09.023Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0791 |
vulnerable | 2026-06-03 14:54:04.091822 |
WOLF – WordPress Posts Bulk Editor and Manager Professional <= 1.0.8.1 - Missing Authorization
MEDIUM (4.3)
The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to unauthorized access, modification or loss of data due to a missing capability check on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions in all versions up to, and including, 1.0.8.1. This makes it possible for authenticated attackers, with subscriber access or higher, to create, delete or modify taxonomy terms.
Published: 2024-02-05T21:21:33.679Z
Updated: 2026-04-08T16:36:41.629Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0790 |
vulnerable | 2026-06-03 14:54:04.090670 |
WOLF – WordPress Posts Bulk Editor and Manager Professional <= 1.0.8.1 - Cross-Site Request Forgery
MEDIUM (5.4)
The WOLF – WordPress Posts Bulk Editor and Manager Professional plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.8.1. This is due to missing or incorrect nonce validation on the wpbe_create_new_term, wpbe_update_tax_term, and wpbe_delete_tax_term functions. This makes it possible for unauthenticated attackers to create, modify and delete taxonomy terms via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. Furthermore, the functions wpbe_save_options, wpbe_bulk_delete_posts_count, wpbe_bulk_delete_posts, and wpbe_save_meta are vulnerable to Cross-Site Request Forgery allowing for plugin options update, post count deletion, post deletion and modification of post metadata via forged request.
Published: 2024-02-05T21:21:46.682Z
Updated: 2026-04-08T16:59:11.090Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-46152 |
vulnerable | 2026-06-03 14:53:09.109098 |
WordPress WOLF Plugin <= 1.0.7.1 is vulnerable to Cross Site Request Forgery (CSRF)
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7.1 versions.
Published: 2023-10-24T10:13:02.956Z
Updated: 2026-04-28T16:08:45.647Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-44990 |
vulnerable | 2026-06-03 14:53:07.220189 |
WordPress WOLF Plugin <= 1.0.7.1 is vulnerable to Cross Site Scripting (XSS)
MEDIUM (5.9)
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7.1 versions.
Published: 2023-10-17T09:01:36.865Z
Updated: 2026-04-28T16:08:40.975Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-34028 |
vulnerable | 2026-06-03 14:52:15.423984 |
WordPress WOLF Plugin <= 1.0.7 is vulnerable to Cross Site Request Forgery (CSRF)
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.7 versions.
Published: 2023-06-22T14:21:00.258Z
Updated: 2026-04-28T16:08:27.610Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-31218 |
vulnerable | 2026-06-03 14:51:55.061276 |
WordPress WOLF Plugin <= 1.0.6 is vulnerable to CSRF leading to Stored Cross Site Scripting (XSS) vulnerability
HIGH (7.1)
Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions.
Published: 2023-08-18T13:28:46.662Z
Updated: 2026-04-28T16:08:20.822Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.