WordPress Affiliate Super Assistent plugin <= 1.10.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Affiliate Super Assistent versions = 1.10.1...

WordPress Dazzle theme <= 1.0.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Dazzle versions = 1.0.0...

WordPress Snow Club theme <= 1.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Snow Club versions = 1.1...

WordPress Nexio theme <= 1.10.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nexio versions = 1.10.0...

WordPress Ingenioso theme <= 1.14.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Ingenioso versions = 1.14.0...

WordPress Smart Manager plugin <= 8.85.0 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Smart Manager versions = 8.85.0...

WordPress SliceWP plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin SliceWP versions = 1.2.6...

WordPress PowerPack Pro for Elementor plugin < v2.13.0 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin PowerPack Pro for Elementor versions v2.13.0...

WordPress Blocksy Companion Pro plugin <= 2.1.37 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Blocksy Companion Pro versions = 2.1.37...

WordPress GeekyBot plugin <= 1.2.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin GeekyBot versions = 1.2.2...

WordPress Coupon Affiliates plugin <= 7.5.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Coupon Affiliates versions = 7.5.3...

WordPress Redsys for WooCommerce Light plugin <= 7.0.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Redsys for WooCommerce Light versions = 7.0.0...

WordPress Social Slider Feed plugin <= 2.3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Social Slider Feed versions = 2.3.2...

WordPress Post Duplicator plugin <= 3.0.10 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Post Duplicator versions = 3.0.10...

WordPress Booking Activities plugin <= 1.16.48.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Booking Activities versions = 1.16.48.1...

WordPress JupiterX Core plugin <= 4.14.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin JupiterX Core versions = 4.14.1...

WordPress GeekyBot plugin <= 1.2.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin GeekyBot versions = 1.2.0...

WordPress WP Maps plugin <= 4.9.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WP Maps versions = 4.9.1...

WordPress Event Tickets Manager for WooCommerce plugin <= 1.5.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Event Tickets Manager for WooCommerce versions = 1.5.3...

WordPress Woody ad snippets plugin <= 2.7.1 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Woody ad snippets versions = 2.7.1...