WordPress Advanced Contact form 7 DB plugin <= 2.0.2 - Sensitive Information Exposure vulnerability

Sensitive Information Exposure vulnerability discovered by Tim Coen in WordPress Plugin Advanced Contact form 7 DB versions = 2.0.2...

WordPress Contact Form by Supsystic plugin <= 1.7.29 - Cross-Site Request Forgery to Stored Cross-Site Scripting via saveAsCopy AJAX Action vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting via saveAsCopy AJAX Action vulnerability discovered by Tim Coen in WordPress Plugin Contact Form by Supsystic versions = 1.7.29...

WordPress KB Support plugin <= 1.7.4 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability

Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability discovered by Tim Coen in WordPress Plugin KB Support versions = 1.7.4...

WordPress SupportCandy plugin <= 3.3.0 - Insecure Direct Object Reference vulnerability

Insecure Direct Object Reference vulnerability discovered by Tim Coen in WordPress Plugin SupportCandy versions = 3.3.0...

WordPress Wallet System for WooCommerce plugin <= 2.6.2 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Tim Coen in WordPress Plugin Wallet System for WooCommerce versions = 2.6.2...

WordPress Wallet System for WooCommerce plugin <= 2.6.2 - Missing Authorization vulnerability

Missing Authorization vulnerability discovered by Tim Coen in WordPress Plugin Wallet System for WooCommerce versions = 2.6.2...

WordPress PeproDev Ultimate Invoice plugin <= 2.0.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Tim Coen in WordPress Plugin PeproDev Ultimate Invoice versions = 2.0.9...

WordPress JS Help Desk plugin <= 2.8.8 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability

Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability discovered by Tim Coen in WordPress Plugin JS Help Desk versions = 2.8.8...

WordPress Majestic Support plugin <= 1.0.5 - Authenticated (Subscriber+) Insecure Direct Object Reference vulnerability

Authenticated Subscriber+ Insecure Direct Object Reference vulnerability discovered by Tim Coen in WordPress Plugin Majestic Support versions = 1.0.5...

WordPress Majestic Support plugin <= 1.0.5 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability

Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability discovered by Tim Coen in WordPress Plugin Majestic Support versions = 1.0.5...

WordPress Robo Gallery plugin <= 3.2.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Title vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Gallery Title vulnerability discovered by Tim Coen in WordPress Plugin Robo Gallery versions = 3.2.19...

WordPress Robo Gallery plugin <= 3.2.19 - Authenticated (Author+) Stored Cross-Site Scripting via Image Title vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Image Title vulnerability discovered by Tim Coen in WordPress Plugin Robo Gallery versions = 3.2.19...

Wordpress MetForm plugin <= 3.8.8 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by Tim Coen in WordPress Plugin Metform versions = 3.8.8...

WordPress Popup Builder plugin <= 4.2.7 - Authenticated(Contributor+) Stored Cross-Site Scripting via Custom JS vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Custom JS vulnerability discovered by Tim Coen in WordPress Plugin Popup Builder versions = 4.2.7...

WordPress WP Table Builder plugin <= 1.4.14 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Tim Coen in WordPress Plugin WP Table Builder versions = 1.4.14...

WordPress 3D FlipBook plugin <= 1.15.4 - Authenticated (Author+) Stored Cross-Site Scritping via Bookmark URL vulnerability

Authenticated Author+ Stored Cross-Site Scritping via Bookmark URL vulnerability discovered by Tim Coen in WordPress Plugin 3D FlipBook – PDF Flipbook Viewer, Flipbook Image Gallery versions = 1.15.4...

WordPress Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.7.7 - Sensitive Information Exposure vulnerability

Sensitive Information Exposure vulnerability discovered by Tim Coen in WordPress Plugin Drag and Drop Multiple File Upload – Contact Form 7 versions = 1.3.7.7...

WordPress Contact Form 7 Database Addon – CFDB7 plugin <= 1.2.6.8 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by Tim Coen in WordPress Plugin Contact Form 7 Database Addon – CFDB7 versions = 1.2.6.8...

WordPress WP-Members Membership Plugin plugin <= 3.4.9.3 - Unprotected Storage of Potentially Sensitive Files vulnerability

Unprotected Storage of Potentially Sensitive Files vulnerability discovered by Tim Coen in WordPress Plugin WP-Members versions = 3.4.9.3...

WordPress Contact Form Entries plugin <= 1.3.8 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Tim Coen in WordPress Plugin Contact Form Entries versions = 1.3.8...