WordPress WPQA plugin < 6.1.1 - Arbitrary Category and Tag Follow/Unfollow via CSRF vulnerability

Arbitrary Category and Tag Follow/Unfollow via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin WPQA - Builder forms Addon versions 6.1.1...

WordPress WPQA plugin < 6.1.1 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin WPQA - Builder forms Addon versions 6.1.1...

WordPress WPQA - Builder forms Addon Plugin < 6.1.1 is vulnerable to Cross Site Scripting (XSS)

Software WPQA - Builder forms Addon Type Plugin Vulnerable versions 6.1.1 Fixed in 6.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2375 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b62f23b8b86a Credits Bob Matyas...

WordPress WPQA - Builder forms Addon Plugin < 6.1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software WPQA - Builder forms Addon Type Plugin Vulnerable versions 6.1.1 Fixed in 6.1.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-2376 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 77943f96c05b Credits Bob Matyas...

WordPress WPQA - Builder forms Addon plugin < 5.2 - Arbitrary Profile Picture Deletion via IDOR vulnerability

Arbitrary Profile Picture Deletion via IDOR vulnerability discovered by Binit Ghimire in WordPress WPQA - Builder forms Addon plugin versions 5.2. Solution Update the WordPress WPQA - Builder forms Addon plugin to the latest available version at least 5.2...

WordPress WPQA - Builder forms Addon plugin < 5.2 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by Veshraj Ghimire in WordPress WPQA - Builder forms Addon plugin versions 5.2. Solution Update the WordPress WPQA - Builder forms Addon plugin to the latest available version at least 5.2...