Browse all 21 CVE security advisories affecting wickedplugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-1883 | Wicked Folders <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Folder Deletion — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-639 | 4.3 | Medium | 2026-03-15 |
| CVE-2023-0729 | Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_save_sort_order — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 | 5.4 | Medium | 2023-06-09 |
| CVE-2023-0726 | Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_edit_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0722 | Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_save_state — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0684 | Wicked Folders <= 2.18.16 - Missing Authorization via ajax_unassign_folders — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-862 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0715 | Wicked Folders <= 2.18.16 - Missing Authorization on ajax_clone_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-862 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0711 | Wicked Folders <= 2.18.16 - Missing Authorization via ajax_save_state — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-862 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0717 | Wicked Folders <= 2.18.16 - Missing Authorization via ajax_delete_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-862 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0725 | Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_clone_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0724 | Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_add_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0685 | Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_unassign_folders — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0720 | Wicked Folders <= 2.18.16 - Missing Authorization on ajax_save_folder_order — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-862 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0716 | Wicked Folders <= 2.18.16 - Missing Authorization on ajax_edit_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-862 | 5.4 | Medium | 2023-02-08 |
| CVE-2023-0718 | Wicked Folders <= 2.18.16 - Missing Authorization on ajax_save_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-862 | 5.4 | Medium | 2023-02-07 |
| CVE-2023-0723 | Wicked Folders <= 2.18.16 - Cross-Site Request Forgery on ajax_move_object — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 | 5.4 | Medium | 2023-02-07 |
| CVE-2023-0712 | Wicked Folders <= 2.18.16 - Missing Authorization on ajax_move_object — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-862 | 5.4 | Medium | 2023-02-07 |
| CVE-2023-0719 | Wicked Folders <= 2.18.16 - Missing Authorization on ajax_save_sort_order — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-862 | 5.4 | Medium | 2023-02-07 |
| CVE-2023-0730 | Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_save_folder_order — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 | 5.4 | Medium | 2023-02-07 |
| CVE-2023-0727 | Wicked Folders <= 2.18.16 - Cross-Site Request Forgery via ajax_delete_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 | 5.4 | Medium | 2023-02-07 |
| CVE-2023-0713 | Wicked Folders <= 2.18.16 - Missing Authorization on ajax_add_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-862 | 5.4 | Medium | 2023-02-07 |
| CVE-2023-0728 | Wicked Folders <= 2.18.16 - Cross-Site Request Forgery on ajax_save_folder — Wicked Folders – Folder Organizer for Pages, Posts, and Custom Post TypesCWE-352 | 5.4 | Medium | 2023-02-07 |
This page lists every published CVE security advisory associated with wickedplugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.