WordPress Master Slider plugin <= 3.10.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Master Slider versions = 3.10.8...

WordPress Royal Elementor Addons plugin < 1.7.1053 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Royal Elementor Addons versions 1.7.1053...

WordPress Paid Videochat Turnkey Site - HTML5 PPV Live Webcams plugin <= 7.3.20 - Authenticated (Author+) Privilege Escalation vulnerability

WordPress Paid Videochat Turnkey Site - HTML5 PPV Live Webcams plugin = 7.3.20 - Authenticated Author+ Privilege Escalation vulnerability discovered by Peter Thaleikis in WordPress Plugin Paid Videochat Turnkey Site versions = 7.3.20...

WordPress Drift plugin <= 1.5.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Title vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Post Title vulnerability discovered by Peter Thaleikis in WordPress Theme Drift versions = 1.5.0...

WordPress ForumWP - Forum & Discussion Board plugin <= 2.1.2 - Reflected Cross-Site Scripting via url Parameter vulnerability

WordPress ForumWP - Forum & Discussion Board plugin = 2.1.2 - Reflected Cross-Site Scripting via url Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin ForumWP versions = 2.1.2...

WordPress Schema App Structured Data plugin <= 2.2.4 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Schema App Structured Data versions = 2.2.4...

WordPress Ebook Store plugin <= 5.8001 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Ebook Store versions = 5.8001...

WordPress WP AdCenter plugin <= 2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpadcenter_ad Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via wpadcenterad Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin WP AdCenter versions = 2.5.7...

WordPress GS Books Showcase plugin <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin GS Books Showcase versions = 1.3.1...

WordPress GS Filterable Portfolio plugin <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin GS Filterable Portfolio versions = 1.6.3...

WordPress Social Media Shortcodes plugin <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Social Media Shortcodes versions = 1.3.0...

WordPress Add infos to the events calendar plugin <= 1.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Add infos to the events calendar versions = 1.4.1...

WordPress FAQ And Answers - Create Frequently Asked Questions Area on WP Sites plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

WordPress FAQ And Answers - Create Frequently Asked Questions Area on WP Sites plugin = 1.1.0 - Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin FAQ And Answers – Create Frequently Asked Questions Area on WP Sites versions = 1....

WordPress Confetti Fall Animation plugin <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via confetti-fall-animation Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via confetti-fall-animation Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Confetti Fall Animation versions = 1.3.1...

WordPress WP-WebAuthn plugin <= 1.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wwa_login_form Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via wwaloginform Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin WP-WebAuthn versions = 1.3.3...

WordPress Target Video Easy Publish plugin <= 3.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via placeholder_img Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via placeholderimg Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Target Video Easy Publish versions = 3.8.8...

WordPress Consulting theme <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Theme Consulting versions = 1.5.0...

WordPress Zigaform plugin <= 7.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Zigaform – Price Calculator & Cost Estimation Form Builder Lite versions = 7.4.7...

WordPress Form Builder CP plugin <= 1.2.41 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by Peter Thaleikis in WordPress Plugin Form Builder CP versions = 1.2.41...

WordPress Listamester plugin <= 2.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Listamester versions = 2.3.4...