WordPress WP Service Payment Form With Authorize.net plugin <= 2.6.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin WP Service Payment Form With Authorize.net versions = 2.6.3...

WordPress Carousel, Slider, Gallery by WP Carousel plugin <= 2.6.3 - Admin+ PHP Object Injection vulnerability

Admin+ PHP Object Injection vulnerability discovered by hoanpk in WordPress Plugin Carousel, Slider, Gallery by WP Carousel versions = 2.6.3...

PT-2023-21908 · WordPress · Kevon Adonis Wp Abstracts

Name of the Vulnerable Software and Affected Versions: Kevon Adonis WP Abstracts plugin versions = 2.6.3 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For versions = 2.6.3, update to a...