WordPress Wechat Social login Plugin <= 1.3.0 is vulnerable to Broken Authentication

Software Wechat Social login Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9106 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 26efb59ee707 Credits Istvá...

WordPress Woocommerce Social Media Share Buttons Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Woocommerce Social Media Share Buttons Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31109 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2941fe56e84a Credits Dimas Maula...

WordPress Surfer Plugin <= 1.3.2.357 is vulnerable to Broken Access Control

Software Surfer Type Plugin Vulnerable versions = 1.3.2.357 Fixed in 1.3.3.379 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-35037 Patch priority High CVSS severity High 7.6 Developer Claim ownership PSID fee59b89530e Credits Jonas Höbenreich Required...

WordPress Metform Elementor Contact Form Builder Plugin <= 3.3.1 is vulnerable to Sensitive Data Exposure

Software Metform Elementor Contact Form Builder Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-0692 Patch priority Medium CVSS severity Medium 4.3 Developer Wpmet PSID d33b9b89cda5 Credits Ramuel...

WordPress HappyFiles Pro Plugin <= 1.8.1 is vulnerable to Broken Access Control

Software HappyFiles Pro Type Plugin Vulnerable versions = 1.8.1 Fixed in 1.8.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25445 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 518a5cea4b57 Credits Dave Jong Patchstack...

WordPress If Menu Plugin <= 0.16.3 is vulnerable to Broken Access Control

Software If Menu Type Plugin Vulnerable versions = 0.16.3 Fixed in 0.17.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-41698 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 6fd87b73bf2d Credits Nguyen Anh Tien Required...

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4700 Patch priority Medium CVSS severity Medium 5.4 Developer WProyal PSID 423004fa0a2f Credits Ramuel Gall Required...