Authors List
Approved changes feed: RSS · Atom
cpe:2.3:a:wpkube:authors_list:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Wpkube (f4241446-089f-5ffb-84a4-260b1a556496) |
|---|---|
| Product | Authors List (9a9f8f0d-19e3-55e4-937e-81e7615ea624) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-58792 |
vulnerable | 2026-06-08 07:35:19.549394 |
WordPress Authors List plugin <= 2.0.6.2 - Cross Site Request Forgery (CSRF) vulnerability
MEDIUM (4.3)
Cross-Site Request Forgery (CSRF) vulnerability in WPKube Authors List authors-list allows Cross Site Request Forgery.This issue affects Authors List: from n/a through <= 2.0.6.2.
Published: 2025-09-05T13:45:01.955Z
Updated: 2026-05-13T00:18:06.295Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-12010 |
vulnerable | 2026-06-08 07:04:29.550722 |
Authors List <= 2.0.6.1 - Authenticated (Contributor+) Sensitive Information Exposure via Limited Method Call in Plugin's Shortcode
MEDIUM (6.5)
The Authors List plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.6.1 via the via arbitrary method call from Authors_List_Shortcode class. This makes it possible for authenticated attackers, with Contributor-level access and above, to call methods such as get_meta to extract sensitive user data including password hashes, email addresses, usernames, and activation keys via specially crafted shortcode attributes
Published: 2025-11-11T03:30:38.901Z
Updated: 2026-04-08T16:52:33.327Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-13806 |
vulnerable | 2026-06-08 06:25:38.536487 |
Authors List <= 2.0.6 - Unauthenticated Arbitrary Shortcode Execution
MEDIUM (6.5)
The The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.0.6. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Published: 2025-03-01T07:24:05.886Z
Updated: 2026-04-08T17:27:41.697Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-10952 |
vulnerable | 2026-06-08 06:23:48.260578 |
Authors List <= 2.0.4 - Unauthenticated Arbitrary Shortcode Execution via update_authors_list_ajax
HIGH (7.3)
The The Authors List plugin for WordPress is vulnerable to arbitrary shortcode execution via update_authors_list_ajax AJAX action in all versions up to, and including, 2.0.4. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.
Published: 2024-12-04T02:40:25.972Z
Updated: 2026-04-08T17:05:48.476Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-37981 |
vulnerable | 2026-06-08 06:08:16.622780 |
WordPress Authors List Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)
HIGH (7.1)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPKube Authors List plugin <= 2.0.2 versions.
Published: 2023-07-27T13:50:13.640Z
Updated: 2026-04-28T16:08:32.990Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.