WordPress SP Project & Document Manager plugin <= 4.71 - Directory Traversal vulnerability

Directory Traversal vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin SP Project & Document Manager versions = 4.71...

WordPress PropertyHive plugin <= 2.0.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin PropertyHive versions = 2.0.9...

WordPress Dashboard To-Do List Plugin <= 1.2.0 is vulnerable to Broken Access Control

Software Dashboard To-Do List Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.3.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-35723 Patch priority Low CVSS severity Low 4.3 Developer Andrew Rapps PSID e4b3c03fafe1 Credits CatFather Required privileg...

WordPress Praison SEO WordPress plugin <= 4.0.15 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather in WordPress Plugin Praison SEO WordPress versions = 4.0.15...

WordPress Table Maker plugin <= 1.9.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin Table Maker versions = 1.9.1...

WordPress Evergreen Content Poster plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin Evergreen Content Poster versions = 1.4.2...

WordPress Contest Gallery plugin <= 21.3.4 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin Contest Gallery versions = 21.3.4...

WordPress WP Simple HTML Sitemap plugin <= 2.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin WP Simple HTML Sitemap versions = 2.8...

WordPress Ditty plugin <= 3.1.31 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin Ditty versions = 3.1.31...

WordPress WP Club Manager plugin <= 2.2.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin WP Club Manager versions = 2.2.11...

WordPress PostX plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather in WordPress Plugin PostX versions = 4.0.1...

WordPress What's New Generator plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin What's New Generator versions = 2.0.2...

WordPress WP Sort Order plugin <= 1.3.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin WP Sort Order versions = 1.3.1...

WordPress WP Sort Order Plugin <= 1.3.1 is vulnerable to Broken Access Control

Software WP Sort Order Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31294 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID fa1bc46c4a98 Credits CatFather Required privilege...

WordPress HeartThis plugin <= 0.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin HeartThis versions = 0.1.0...

WordPress Cryptocurrency Widgets – Price Ticker & Coins List Plugin <= 2.6.8 is vulnerable to Broken Access Control

Software Cryptocurrency Widgets – Price Ticker & Coins List Type Plugin Vulnerable versions = 2.6.8 Fixed in 2.6.9 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-27953 Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID 036319de798f...