Vulnerabilities and security researches forplugin-central plugin-central

Jun 07, 2024

CVE, Research URL: dc94c84bbc7a71287b02b5d483cdf884e1ca2777
Home page URL: Security reports for Plugin Central
Application: Plugin Central
Date: Nov 24, 2015
Research Description: Plugin Central [plugin-central] < 2.5.1 WordPress Central Plugin <= 2.5 - Reflected Cross Site Scripting (XSS) Because of this vulnerability, the attackers can inject arbitrary web script or HTML. Upgrade the plugin.
Affected versions: max 2.5.1.
Status: vulnerable

Apr 26, 2025

CVE, Research URL: CVE-2025-46439
Home page URL: Security reports for Plugin Central
Application: Plugin Central
Date: Apr 24, 2025
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Vladimir Prelovac Plugin Central allows Path Traversal. This issue affects Plugin Central: from n/a through 2.5.1.
Affected versions: max 2.5.1.
Status: vulnerable