WordPress Riaxe Product Customizer plugin <= 2.1.2 - Unauthenticated SQL Injection via 'options' Parameter Keys in product_data vulnerability

Unauthenticated SQL Injection via 'options' Parameter Keys in productdata vulnerability discovered by Kai Aizen in WordPress Plugin Riaxe Product Customizer versions = 2.1.2...

WordPress Advanced CF7 DB plugin <= 2.0.9 - Cross-Site Request Forgery to Form Entry Deletion vulnerability

Cross-Site Request Forgery to Form Entry Deletion vulnerability discovered by Kai Aizen in WordPress Plugin Advanced Contact form 7 DB versions = 2.0.9...

WordPress Riaxe Product Customizer plugin <= 2.4 - Unauthenticated Sensitive Information Disclosure via '/orders' REST API Endpoint vulnerability

Unauthenticated Sensitive Information Disclosure via '/orders' REST API Endpoint vulnerability discovered by Kai Aizen in WordPress Plugin Riaxe Product Customizer versions = 2.4...

WordPress TelSender plugin <= 1.14.14 - Unauthenticated Stored Cross-Site Scripting via Telegram Chat Title vulnerability

Unauthenticated Stored Cross-Site Scripting via Telegram Chat Title vulnerability discovered by Kai Aizen in WordPress Plugin TelSender versions = 1.14.14...

WordPress Friendly Functions for Welcart plugin <= 1.2.5 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Kai Aizen in WordPress Plugin Friendly Functions for Welcart versions = 1.2.5...

WordPress Omnipress plugin <= 1.6.5 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Kai Aizen in WordPress Plugin Omnipress versions = 1.6.5...