WordPress Simple Image Popup Plugin <= 2.4.0 is vulnerable to Cross Site Scripting (XSS)

Software Simple Image Popup Type Plugin Vulnerable versions = 2.4.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-4433 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 884d37bdacd5 Credits Cronus Required privilege Administrato...

WordPress Adventure Journal theme <= 1.7.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Adventure Journal versions = 1.7.2...

WordPress Unique theme <= 0.3.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Unique versions = 0.3.0...

WordPress Perfect Pullquotes plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Perfect Pullquotes versions = 1.7.5...

WordPress TweetScroll Widget plugin <= 1.3.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin TweetScroll Widget versions = 1.3.7...

WordPress RegistrationMagic plugin <= 5.3.2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin RegistrationMagic versions = 5.3.2.0...

WordPress Ultimate Under Construction plugin <= 1.9.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Ultimate Under Construction versions = 1.9.3...

WordPress Google Typography plugin <= 1.1.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Google Typography versions = 1.1.2...

WordPress WPify Woo Czech Plugin <= 4.0.10 is vulnerable to Cross Site Scripting (XSS)

Software WPify Woo Czech Type Plugin Vulnerable versions = 4.0.10 Fixed in 4.0.11 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33946 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d10c6f290e6a Credits Dimas Maulana Required privile...

WordPress AA Cash Calculator Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software AA Cash Calculator Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0848 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0f4d37bdc2c4 Credits Nathaniel Oh 0x4n3...

WordPress WooCommerce AWeber Newsletter Subscription Plugin <= 4.0.2 is vulnerable to Settings Change

Software WooCommerce AWeber Newsletter Subscription Type Plugin Vulnerable versions = 4.0.2 Fixed in 4.0.3 OWASP Top 10 A1: Broken Access Control Classification Settings Change CVE CVE-2024-33944 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 016ccf61bb0f Credits Da...

WordPress Directorist plugin <= 7.8.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Directorist versions = 7.8.6...

WordPress CodeBard's Patron Button and Widgets for Patreon plugin <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin CodeBard's Patron Button and Widgets for Patreon versions = 2.2.0...

WordPress Giphypress plugin <= 1.6.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Giphypress versions = 1.6.2...

WordPress Embed Google Fonts plugin <= 3.1.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Embed Google Fonts versions = 3.1.0...

WordPress ReviewX plugin <= 1.6.21 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin ReviewX versions = 1.6.21...

WordPress Democracy Poll plugin <= 6.1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Democracy Poll versions = 6.1.1...

WordPress CPO Companion plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin CPO Companion versions = 1.1.0...

WordPress WP Media Cleaner plugin <= 6.7.2 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Media Cleaner versions = 6.7.2...

WordPress Debug Log Manager plugin <= 2.3.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Debug Log Manager versions = 2.3.1...