518 matches found
WordPress Happy Addons for Elementor plugin <= 3.20.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom JS vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Custom JS vulnerability discovered by zer0gh0st in WordPress Plugin Happy Addons for Elementor versions = 3.20.3...
WordPress Quran Gateway plugin <= 1.5 - Cross-Site Request Forgery to Settings Update vulnerability
Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Quran Gateway versions = 1.5...
WordPress Restrict Elementor Widgets, Columns and Sections plugin <= 1.12 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by MD ISMAIL in WordPress Plugin Restrict Elementor Widgets, Columns and Sections versions = 1.12...
WordPress King Addons for Elementor plugin <= 51.1.39 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Multiple Widgets vulnerability discovered by zer0gh0st in WordPress Plugin King Addons for Elementor versions = 51.1.39...
WordPress Userback plugin <= 1.0.15 - Missing Authorization to Authenticated (Subscriber+) plugin's Configuration Exposure vulnerability
Missing Authorization to Authenticated Subscriber+ plugin's Configuration Exposure vulnerability discovered by jsonc in WordPress Plugin Userback versions = 1.0.15...
WordPress Table Block by Tableberg plugin <= 0.6.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Table Block by Tableberg versions = 0.6.9...
WordPress FitVids for WordPress plugin <= 4.0.1 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability
Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin FitVids for WordPress versions = 4.0.1...
WordPress Autoptimize plugin <= 3.1.13 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Autoptimize versions = 3.1.13...
WordPress WP Plugin Manager plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Mika in WordPress Plugin WP Plugin Manager versions = 1.4.7...
WordPress Easy Plugin Stats plugin <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Easy Plugin Stats versions = 2.0.1...
WordPress WP Reset plugin <= 2.05 - Unauthenticated Sensitive Information Exposure via wf-licensing.log vulnerability
Unauthenticated Sensitive Information Exposure via wf-licensing.log vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WP Reset versions = 2.05...
EUVD-2022-0283
Malicious code in bioql PyPI...
WordPress Epic Bootstrap Buttons plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via icol Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via icol Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Epic Bootstrap Buttons versions = 1.0...
WordPress bbp topic count plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin bbp topic count versions = 3.2...
WordPress CopySafe Web Protection plugin <= 5.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin CopySafe Web Protection versions = 5.1...
WordPress PGS Core Plugin <= 5.9.0 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin PGS Core versions = 5.9.0...
WordPress Quiz Maker Plugin <= 6.7.0.64 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Muhammad Zidan Ali Mansur in WordPress Plugin Quiz Maker versions = 6.7.0.64...
WordPress Stock Message Plugin <= 1.1.0 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Stock Message versions = 1.1.0...
WordPress Perfect Brands for WooCommerce plugin <= 3.6.2 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Perfect Brands for WooCommerce versions = 3.6.2...
WordPress SS Font Awesome Icon Plugin <= 4.1.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Mika in WordPress Plugin SS Font Awesome Icon versions = 4.1.3...