WordPress Image Slider by NextCode plugin <= 1.1.2 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Authenticated Persistent Cross-Site Scripting XSS vulnerability discovered by BEE-K in WordPress Image Slider by NextCode plugin versions = 1.1.2. Solution Deactivate and delete. This plugin has been closed as of May 20, 2022 and is not available for download. This closure is temporary, pending a...

WordPress Code Snippets plugin <= 2.14.3 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by BEE-K Patchstack in WordPress Code Snippets plugin versions = 2.14.3. Solution Update the WordPress Code Snippets plugin to the latest available version at least 2.14.4...

WordPress Rara One Click Demo Import plugin <= 1.2.9 - Cross-Site Request Forgery (CSRF) leads to Arbitrary File Upload vulnerability

Cross-Site Request Forgery CSRF leads to Arbitrary File Upload vulnerability discovered in Rara One Click Demo Import plugin versions = 1.2.9 by BEE-K. Solution Update the WordPress Rara One Click Demo Import plugin to the latest available version at least 1.3.0...