WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Responsive Image Gallery, Gallery Album versions = 2.0.3...

WordPress Under Construction / Maintenance Mode from Acurax plugin <= 2.6 - IP Bypass vulnerability

IP Bypass vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Under Construction / Maintenance Mode from Acurax versions = 2.6...

WordPress BuddyPress Cover plugin <= 2.1.4.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by YCInfosec Patchstack Alliance in WordPress Plugin BuddyPress Cover versions = 2.1.4.2...

WordPress Strategery Migrations plugin <= 1.0 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by YCInfosec Patchstack Alliance in WordPress Plugin Strategery Migrations versions = 1.0...

WordPress SC filechecker plugin <= 0.6 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by YCInfosec Patchstack Alliance in WordPress Plugin SC filechecker versions = 0.6...

WordPress Awesome Support plugin <= 6.1.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Awesome Support versions = 6.1.7...

WordPress Pixgraphy theme <= 1.3.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Pixgraphy versions = 1.3.8...

WordPress WP Time Slots Booking Form plugin <= 1.2.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin WP Time Slots Booking Form versions = 1.2.11...

WordPress Kenta Gutenberg Blocks plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Kenta Gutenberg Blocks Responsive Blocks and block templates library for Gutenberg Editor versions = 1.3.9...

WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Active Products Tables for WooCommerce versions = 1.0.6.3...

WordPress Product Addons & Fields for WooCommerce plugin <= 32.0.20 - Content Injection vulnerability

Content Injection vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin PPOM for WooCommerce versions = 32.0.20...

WordPress LA-Studio Element Kit for Elementor plugin <= 1.3.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin LA-Studio Element Kit for Elementor versions = 1.3.6...

WordPress RestroPress plugin <= 3.1.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin RestroPress versions = 3.1.2.1...

WordPress Copymatic plugin <= 1.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Copymatic versions = 1.9...

WordPress Bloglo theme <= 1.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Bloglo versions = 1.1.3...

WordPress Idyllic theme <= 1.1.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Idyllic versions = 1.1.8...

WordPress Event theme <= 1.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Event versions = 1.2.2...

WordPress The Plus Addons for Elementor plugin <= 5.5.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.5.4...

WordPress Heateor Social Login WordPress plugin <= 1.1.32 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Heateor Social Login versions = 1.1.32...

WordPress Heateor Social Login WordPress plugin <= 1.1.32 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Heateor Social Login versions = 1.1.32...