WordPress User Registration Advanced Fields plugin <= 1.6.20 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin User Registration Advanced Fields versions = 1.6.20...

WordPress Analytics Cat plugin <= 1.1.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Analytics Cat versions = 1.1.2...

WordPress User Registration & Membership plugin <= 5.1.2 - Authentication Bypass vulnerability

Authentication Bypass vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin User Registration versions = 5.1.2...

WordPress Subitem AL Slider plugin <= 1.0.0 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability

Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Subitem AL Slider versions = 1.0.0...

WordPress personal-authors-category plugin <= 0.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin personal-authors-category versions = 0.3...

WordPress Kudos Donations plugin <= 3.2.9 - Reflected Cross-Site Scripting via 'add_query_arg' vulnerability

Reflected Cross-Site Scripting via 'addqueryarg' vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Kudos Donations versions = 3.2.9...

WordPress Lexicata plugin <= 1.0.16 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by 0xd4rk5id3 - EnvoraSec in WordPress Plugin Lexicata versions = 1.0.16...