WordPress WordPress Tooltips plugin <= 9.5.3 - Cross Site Request Forgery (CSRF) leading to Stored XSS vulnerability

Cross Site Request Forgery CSRF leading to Stored XSS vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin WordPress Tooltips versions = 9.5.3...

WordPress EmbedPress plugin <= 3.9.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin EmbedPress versions = 3.9.8...

WordPress Advanced Local Pickup for WooCommerce plugin <=1.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Advanced Local Pickup for WooCommerce versions = 1.6.2...

WordPress App Builder plugin <= 3.8.7 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin App Builder versions = 3.8.7...

WordPress Church Admin plugin <= 4.1.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Church Admin versions = 4.1.6...

WordPress Church Admin plugin <= 4.1.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Church Admin versions = 4.1.5...

WordPress Generate Child Theme plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Generate Child Theme versions = 2.0...

WordPress LMS by Masteriyo plugin <= 1.7.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Masteriyo - LMS versions = 1.7.2...

WordPress Premium Addons for Elementor plugin <= 4.10.22 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Abu Hurayra Patchstack Alliance in WordPress Plugin Premium Addons for Elementor versions = 4.10.22...

WordPress Product Designer plugin <= 1.0.32 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin Product Designer versions = 1.0.32...

WordPress Products, Order & Customers Export for WooCommerce plugin <= 2.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Products, Order & Customers Export for WooCommerce versions = 2.0.8...

WordPress JS Help Desk plugin <= 2.8.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Fariq Fadillah Gusti Insani Patchstack Alliance in WordPress Plugin JS Help Desk versions = 2.8.3...

WordPress Ultimate Maps plugin <= 1.2.16 - Cross Site Request Forgery vulnerability

Cross Site Request Forgery vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Ultimate Maps by Supsystic versions = 1.2.16...

WordPress ARForms Form Builder plugin <= 1.6.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin ARForms Form Builder versions = 1.6.1...

WordPress Flexible Checkout Fields for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Flexible Checkout Fields for WooCommerce versions = 4.1.2...

WordPress Sumo plugin <= 1.34 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Friday Patchstack Alliance in WordPress Plugin Sumo versions = 1.34...

WordPress Post Views Counter plugin <= 1.4.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Brandon Roldan Patchstack Alliance in WordPress Plugin Post Views Counter versions = 1.4.4...

WordPress SearchIQ plugin <= 4.5 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin SearchIQ versions = 4.5...

WordPress Form to Chat App plugin <= 1.1.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Form to Chat App versions = 1.1.6...

WordPress WordPress Backup & Migration plugin <= 1.4.7 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WordPress Backup & Migration versions = 1.4.7...