WordPress Advanced IP Blocker plugin <= 8.10.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peng Zhou in WordPress Plugin Advanced IP Blocker versions = 8.10.7...

WordPress miniorange otp verification plugin <= 5.4.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Peng Zhou in WordPress Plugin miniorange otp verification versions = 5.4.9...

WordPress Tag Groups plugin <= 2.0.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin WordPress Tag Cloud Plugin – Tag Groups versions = 2.0.3...

WordPress Masterstudy LMS Starter theme <= 1.1.8 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Theme Masterstudy LMS Starter versions = 1.1.8...

WordPress WP SMS plugin <= 6.9.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin WP SMS versions = 6.9.3...

WordPress Create by Mediavine plugin <= 1.9.8 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Create by Mediavine versions = 1.9.8...

WordPress Store Locator Plus® for WordPress plugin <= 2311.17.01 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Store Locator Plus versions = 2311.17.01...

WordPress Seraphinite Post .DOCX Source plugin <= 2.16.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Seraphinite Post .DOCX Source versions = 2.16.9...

WordPress WP2Speed Faster – Optimize PageSpeed Insights Score 90-100 plugin <= 1.0.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin WP2Speed Faster versions = 1.0.1...

WordPress Tablesome plugin <= 1.0.33 - Sensitive Data Exposure via API vulnerability

Sensitive Data Exposure via API vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Tablesome versions = 1.0.33...

WordPress Church Admin plugin <= 4.4.6 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Peng Zhou in WordPress Plugin Church Admin versions = 4.4.6...

WordPress FileBird Document Library Plugin <= 2.0.6 is vulnerable to Sensitive Data Exposure

Software FileBird Document Library Type Plugin Vulnerable versions = 2.0.6 Fixed in 2.0.8.1 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-37504 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 7621ab22a70e Credits Peng Zhou...

WordPress Table & Contact Form 7 Database – Tablesome Plugin <= 1.0.33 is vulnerable to Sensitive Data Exposure

Software Table & Contact Form 7 Database – Tablesome Type Plugin Vulnerable versions = 1.0.33 Fixed in 1.0.34 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-37498 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b592d73e1659...

WordPress Podlove Web Player plugin <= 5.7.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Podlove Web Player versions = 5.7.3...

WordPress Gutenify plugin <= 1.4.0 - Sensitive Data Exposure via API vulnerability

Sensitive Data Exposure via API vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Gutenify versions = 1.4.0...

WordPress FileBird – WordPress Media Library Folders & File Manager plugin <= 5.6.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Filebird versions = 5.6.3...

WordPress Academy LMS plugin <= 1.9.25 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Academy LMS versions = 1.9.25...

WordPress ShopBuilder plugin <= 2.1.8 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin ShopBuilder – Elementor WooCommerce Builder Addons versions = 2.1.8...

WordPress WP Job Manager plugin <= 2.2.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin WP Job Manager versions = 2.2.2...

WordPress weDocs plugin <= 2.1.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin weDocs versions = 2.1.4...