WordPress DSGVO Youtube plugin <= 1.4.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin DSGVO Youtube versions = 1.4.5...

WordPress Attesa Extra plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abu Hurayra Patchstack Alliance in WordPress Plugin Attesa Extra versions = 1.3.9...

WordPress Void Elementor WHMCS Elements For Elementor Page Builder plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Void Elementor WHMCS Elements For Elementor Page Builder versions = 2.0...

WordPress Gutenberg Block Editor Toolkit plugin <= 1.40.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Gutenberg Block Editor Toolkit versions = 1.40.4...

WordPress Restaurant Menu – Food Ordering System – Table Reservation plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by wpdabh Patchstack Alliance in WordPress Plugin Restaurant Menu – Food Ordering System – Table Reservation versions = 2.4.1...

WordPress Mega Elements plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Mega Elements versions = 1.1.9...

WordPress WP 2FA plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WP 2FA versions = 2.6.2...

WordPress WP Club Manager plugin <= 2.2.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin WP Club Manager versions = 2.2.11...

WordPress Z Y N I T H plugin <= 7.4.9 - Unauthenticated Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Z Y N I T H versions = 7.4.9...

WordPress eCommerce Product Catalog plugin <= 3.3.32 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin eCommerce Product Catalog versions = 3.3.32...

WordPress HurryTimer plugin <=2.9.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin HurryTimer versions = 2.9.2...

WordPress Knight Lab Timeline plugin <=3.9.3.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Knight Lab Timeline versions = 3.9.3.4...

WordPress Superfly Menu plugin <= 5.0.25 - Subscriber+ Site-Wide Stored Cross Site Scripting (XSS) vulnerability

Subscriber+ Site-Wide Stored Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Superfly Menu versions = 5.0.25...

WordPress Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Taggbox versions = 3.2...

WordPress Navigation menu as Dropdown Widget Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Navigation menu as Dropdown Widget Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32126 Patch priority Low CVSS severity Low 5.9 Developer Jeroen Peters PSID 5c32e593787a Credits Joshua Chan Required...

WordPress TeraWallet – For WooCommerce Plugin <= 1.5.0 is vulnerable to Cross Site Scripting (XSS)

Software TeraWallet – For WooCommerce Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32584 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 3858d275e8c9 Credits Joshua Chan Required...

WordPress WP 404 Auto Redirect to Similar Post Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software WP 404 Auto Redirect to Similar Post Type Plugin Vulnerable versions = 1.0.4 Fixed in 1.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32559 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c85034ba240a Credits AtaTurk1925...

WordPress Import Content in WordPress & WooCommerce with Excel Plugin <= 4.2 is vulnerable to Cross Site Scripting (XSS)

Software Import Content in WordPress & WooCommerce with Excel Type Plugin Vulnerable versions = 4.2 Fixed in 4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32585 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID 597c127e874d Credits...

WordPress Ovic Responsive WPBakery Plugin <= 1.3.0 is vulnerable to Broken Access Control

Software Ovic Responsive WPBakery Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32142 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 35ffc13b78da Credits Skalucy Required...

WordPress PeproDev CF7 Database Plugin <= 1.8.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software PeproDev CF7 Database Type Plugin Vulnerable versions = 1.8.0 Fixed in 1.9.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41864 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3d141a658694 Credits RE-ALTER...