📦 Wp To Do

The WP To Do WordPress plugin versions up to 1.3.0 contain a stored cross-site scripting vulnerability that allows authenticated attackers with administrator privileges to inject malicious scripts int...

This vulnerability allows attackers to inject malicious scripts into WP To Do WordPress plugin pages, which execute when other users view those pages. It affects all WordPress sites using WP To Do plu...

The WP To Do WordPress plugin has a Cross-Site Request Forgery vulnerability that allows unauthenticated attackers to add new todo items by tricking administrators into clicking malicious links. This ...

The WP To Do WordPress plugin has a Cross-Site Request Forgery vulnerability that allows attackers to modify plugin settings without authentication. Attackers can trick administrators into clicking ma...