WordPress Livemesh Addons by Elementor plugin <= 9.0 - Authenticated (Contributor+) Local File Inclusion via Widget Template Parameter vulnerability

Authenticated Contributor+ Local File Inclusion via Widget Template Parameter vulnerability discovered by Webbernaut in WordPress Plugin Livemesh Addons for Elementor versions = 9.0...

WordPress Apollo13 Framework Extension plugin <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via `a13_alt_link` Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via a13altlink Parameter vulnerability discovered by Webbernaut in WordPress Plugin Apollo13 Framework Extensions versions = 1.9.8...

WordPress افزونه پیامک ووکامرس Persian WooCommerce SMS plugin <= 7.0.5 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Persian Woocommerce SMS versions = 7.0.5...

WordPress The Plus Addons for Elementor plugin <= 5.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 5.4.2...

WordPress Jeg Elementor Kit plugin <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Countdown Widget vulnerability discovered by Webbernaut in WordPress Plugin Jeg Elementor Kit versions = 2.6.4...

WordPress Ultimate Blocks plugin <= 3.1.9 - Authenticated(Contributor+) Stored Cross-Site Scripting via Multiple Blocks vulnerability

AuthenticatedContributor+ Stored Cross-Site Scripting via Multiple Blocks vulnerability discovered by Webbernaut in WordPress Plugin Ultimate Blocks versions = 3.1.9...

WordPress Carousel Slider plugin <= 2.2.14 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Carousel Slider versions = 2.2.14...

WordPress Robo Gallery plugin <= 3.2.22 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Magnific Popups JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Robo Gallery versions = 3.2.22...

WordPress Responsive Lightbox & Gallery plugin <= 2.4.7 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Featherlight.js JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via Featherlight.js JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Responsive Lightbox versions = 2.4.7...

WordPress Gallery with thumbnail slider plugin <= 7.8 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Gallery with thumbnail slider versions = 7.8...

WordPress Chaty plugin <= 3.3.5 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Chaty versions = 3.3.5...

WordPress Rank Math SEO plugin <= 1.0.235 - Authenticated (Contributor+) Stored Cross-Site Scripting via Rank Math API vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Rank Math API vulnerability discovered by Webbernaut in WordPress Plugin Rank Math SEO versions = 1.0.235...

WordPress Form Maker by 10Web plugin <= 1.15.27 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin Form Maker by 10Web versions = 1.15.27...

WordPress HurryTimer plugin <= 2.10.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Publication vulnerability

Missing Authorization to Authenticated Contributor+ Arbitrary Post Publication vulnerability discovered by Webbernaut in WordPress Plugin HurryTimer versions = 2.10.0...

WordPress ShopLentor plugin <= 2.9.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin ShopLentor versions = 2.9.7...

WordPress Piotnet Addons For Elementor plugin <= 2.4.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by Webbernaut in WordPress Plugin Piotnet Addons For Elementor versions = 2.4.30...

WordPress ElementsKit Pro plugin <= 3.6.0 - Authenticated (Contributor+) Local File Inclusion via Price Menu, Hotspot, and Advanced Toggle Widgets vulnerability

Authenticated Contributor+ Local File Inclusion via Price Menu, Hotspot, and Advanced Toggle Widgets vulnerability discovered by Webbernaut in WordPress Plugin ElementsKit Pro versions = 3.6.0...