WordPress Gridsby theme <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Gridsby versions = 1.3.0...

WordPress HappenStance theme <= 3.0.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme HappenStance versions = 3.0.1...

WordPress i-excel theme <= 1.7.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme i-excel versions = 1.7.9...

WordPress Sensible WP theme <= 1.3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Sensible WP versions = 1.3.1...

WordPress ReDi Restaurant Reservation plugin <= 24.0128 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin ReDi Restaurant Reservation versions = 24.0128...

WordPress PopularFX theme <= 1.2.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme PopularFX versions = 1.2.4...

WordPress The Conference Theme <= 1.2.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software The Conference Type Theme Vulnerable versions = 1.2.0 Fixed in 1.2.1 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31428 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f038ad152adb Credits Dhabaleshwar Das...

WordPress Table & Contact Form 7 Database – Tablesome Plugin <= 1.0.25 is vulnerable to Cross Site Request Forgery (CSRF)

Software Table & Contact Form 7 Database – Tablesome Type Plugin Vulnerable versions = 1.0.25 Fixed in 1.0.26 OWASP Top 10 A5: Security Misconfiguration Classification Cross Site Request Forgery CSRF CVE CVE-2024-31388 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

WordPress TWIPLA (Visitor Analytics IO) Plugin <= 1.2.0 is vulnerable to Cross Site Scripting (XSS)

Software TWIPLA Visitor Analytics IO Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31937 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 35e7ceea8aa3 Credits Dhabaleshwar Das Required...

WordPress Blocksy Companion Plugin <= 2.0.28 is vulnerable to Cross Site Request Forgery (CSRF)

Software Blocksy Companion Type Plugin Vulnerable versions = 2.0.28 Fixed in 2.0.29 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31932 Patch priority Low CVSS severity Low 5.4 Developer Creative Themes PSID f75fe061addd Credits RE-ALTER Requir...

WordPress Smash Balloon Social Post Feed Plugin <= 4.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Smash Balloon Social Post Feed Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A4: Insecure Design Classification Cross Site Request Forgery CSRF CVE CVE-2024-31379 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0081dd599b5c Credits Majed Refa...

WordPress Favicon Plugin <= 1.3.29 is vulnerable to Cross Site Request Forgery (CSRF)

Software Favicon Type Plugin Vulnerable versions = 1.3.29 Fixed in 1.3.30 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31422 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 519dd147403f Credits RE-ALTER Required privile...

WordPress Inline Related Posts Plugin <= 3.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Inline Related Posts Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.4.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31426 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 472557d2a031 Credits Brandon Roldan...

WordPress No-Bot Registration plugin <= 1.9.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin No-Bot Registration versions = 1.9.1...

WordPress WP Event Aggregator plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin WP Event Aggregator versions = 1.7.6...

WordPress CodeisAwesome AIKit plugin <= 4.14.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Ivan Spiridonov Patchstack Alliance in WordPress Plugin AIKit versions = 4.14.1...

WordPress Soledad theme <= 8.4.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme Soledad versions = 8.4.5...

WordPress Soledad theme <= 8.4.5 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme Soledad versions = 8.4.5...

WordPress Post Type Builder (PTB) plugin < 2.1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Post Type Builder PTB versions 2.1.1...

WordPress Post Type Builder (PTB) Plugin < 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Post Type Builder PTB Type Plugin Vulnerable versions 2.1.1 Fixed in 2.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31365 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 043b6c8024b4 Credits Dave Jong Patchstack Require...