WordPress Ad Inserter plugin <= 2.7.37 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Ad Inserter versions = 2.7.37...

WordPress BuddyPress Better Registration plugin <= 1.6 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin BuddyPress Better Registration versions = 1.6...

WordPress Ahime Image Printer plugin <= 1.0.0 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Ahime Image Printer versions = 1.0.0...

WordPress Add Categories Post Footer plugin <= 2.2.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Add Categories Post Footer versions = 2.2.2...

WordPress Crazy Call To Action Box plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Crazy Call To Action Box versions = 1.0.5...

WordPress El mejor Cluster plugin <= 1.1.15 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Yusuf Patchstack Alliance in WordPress Plugin El mejor Cluster versions = 1.1.15...

WordPress WordPress Video plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin WordPress Video versions = 1.0...

WordPress Ajax Custom CSS/JS plugin <= 2.0.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Ajax Custom CSS/JS versions = 2.0.4...

WordPress wpPricing Builder plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin wpPricing Builder versions = 1.5.0...

WordPress Mitm Bug Tracker plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Mitm Bug Tracker versions = 1.0...

WordPress cSlider plugin <= 2.4.2 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin cSlider versions = 2.4.2...

WordPress Feed Comments Number plugin <= 0.2.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Feed Comments Number versions = 0.2.1...

WordPress Mighty Builder plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Mighty Builder versions = 1.0.2...

WordPress my wooden under construction Theme <= 2.0.7 is vulnerable to Cross Site Scripting (XSS)

Software my wooden under construction Type Theme Vulnerable versions = 2.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49269 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6cc0e1da3f3b Credits justakazh Required...

WordPress Ahime Image Printer Plugin <= 1.0.0 is vulnerable to Arbitrary File Download

Software Ahime Image Printer Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Arbitrary File Download CVE CVE-2024-49245 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 4330a07d13a8 Credits stealthcopter Required...

WordPress Add Categories Post Footer Plugin <= 2.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Add Categories Post Footer Type Plugin Vulnerable versions = 2.2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49239 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a0d115d1939f Credits Le Ngoc Anh Required...

WordPress RS-Members Plugin <= 1.0.3 is vulnerable to Privilege Escalation

Software RS-Members Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Privilege Escalation CVE CVE-2024-49219 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 3db20a267888 Credits João Pedro S Alcântara Kinorth...

WordPress WordPress Gallery Plugin – Limb Image Gallery Plugin <= 1.5.7 is vulnerable to Arbitrary File Upload

Software WordPress Gallery Plugin – Limb Image Gallery Type Plugin Vulnerable versions = 1.5.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49260 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 1dec11f80c4c Credits stealthcopt...

WordPress Ajax Custom CSS/JS Plugin <= 2.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Ajax Custom CSS/JS Type Plugin Vulnerable versions = 2.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49230 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID a0b3b7c24e3c Credits SOPROBRO Required privilege...

WordPress Jetpack Plugin < 13.9.1 is vulnerable to Broken Access Control

Software Jetpack Type Plugin Vulnerable versions 13.9.1 Fixed in 13.9.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9926 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 675e1d99d774 Credits Marc Montpas Required privilege...