WordPress AI Infographic Maker OpenAI plugin <= 4.6.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Infographic Maker – iList versions = 4.6.6...

WordPress Chauffeur Taxi Booking System for WordPress plugin <= 6.9 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Kursat Cetin Patchstack in WordPress Plugin Chauffeur Taxi Booking System for WordPress versions = 6.9...

WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Active Products Tables for WooCommerce versions = 1.0.6.2...

WordPress 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin Plugin <= 3.62 is vulnerable to Cross Site Scripting (XSS)

Software 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin Type Plugin Vulnerable versions = 3.62 Fixed in 3.63 OWASP Top 10 A1: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32694 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PS...

WordPress Infographic Maker – iList Plugin <= 4.6.6 is vulnerable to Cross Site Scripting (XSS)

Software Infographic Maker – iList Type Plugin Vulnerable versions = 4.6.6 Fixed in 4.6.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32696 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID baa0cb27dbc1 Credits Khalid Yusuf Required...

WordPress WP Social Comments plugin <= 1.7.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Friday Patchstack Alliance in WordPress Plugin WP Social Comments versions = 1.7.3...

WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability

Sensitive Data Exposure via Log vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Backup Migration versions = 1.4.3...

WordPress WP Ultimate Review plugin <= 2.2.5 - Review Score Manipulation vulnerability

Review Score Manipulation vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Wp Ultimate Review versions = 2.2.5...

WordPress WP Ultimate Review plugin <= 2.2.5 - Broken Access Control on Review vulnerability

Broken Access Control on Review vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Wp Ultimate Review versions = 2.2.5...

WordPress WP Ultimate Review plugin <= 2.2.5 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Wp Ultimate Review versions = 2.2.5...

WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Prime Slider – Addons For Elementor versions = 3.13.2...

WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Prime Slider – Addons For Elementor versions = 3.13.2...

WordPress HUSKY plugin <= 1.3.5.2 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin HUSKY versions = 1.3.5.2...

WordPress Shared Files plugin <= 1.7.16 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Shared Files versions = 1.7.16...

WordPress Wp Ultimate Review Plugin <= 2.2.5 is vulnerable to Insecure Direct Object References (IDOR)

Software Wp Ultimate Review Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.3.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32683 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 7b452df5fd16 Credits Kyle...

WordPress Support Genix plugin <= 1.2.3 - Broken Access Control lead to Arbitrary File Upload vulnerability

Broken Access Control lead to Arbitrary File Upload vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin Support Genix versions = 1.2.3...

WordPress WP-Recall plugin <= 16.26.5 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin WP-Recall versions = 16.26.5...

WordPress Popup Anything plugin <= 2.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Popup Anything versions = 2.8...

WordPress WP Dummy Content Generator plugin <= 3.2.1 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin WP Dummy Content Generator versions = 3.2.1...

WordPress WP Smart Import plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin WP Smart Import versions = 1.0.7...