WordPress Ally plugin <= 3.8.0 - Cross-Site Request Forgery to plugin Settings Update vulnerability

Cross-Site Request Forgery to plugin Settings Update vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Ally versions = 3.8.0...

WordPress WP Dashboard Chat plugin <= 1.0.3 - Authenticated (Contributor+) SQL Injection via id vulnerability

Authenticated Contributor+ SQL Injection via id vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WP Dashboard Chat versions = 1.0.3...

WordPress Library Management System plugin <= 3.1 - Missing Authorization to Authenticated (Subscriber+) Settings Manipulation vulnerability

Missing Authorization to Authenticated Subscriber+ Settings Manipulation vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Library Management System versions = 3.1...

WordPress All In One Login plugin <= 2.0.8 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by R1sky in WordPress Plugin All In One Login versions = 2.0.8...

WordPress Epic Bootstrap Buttons plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via icol Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via icol Parameter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Epic Bootstrap Buttons versions = 1.0...

WordPress Conditional Cart Messages for WooCommerce – YourPlugins.com Plugin <= 1.2.10 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Conditional Cart Messages for WooCommerce YourPlugins.com versions = 1.2.10...

WordPress Notely Plugin <= 1.8.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Notely versions = 1.8.0...

WordPress BM Content Builder Plugin < 3.16.3.3 - Arbitrary File Deletion Vulnerability

Arbitrary File Deletion Vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin BM Content Builder versions 3.16.3.3...

WordPress Easy Pricing Table WP Plugin <= 1.1.3 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Peter Thaleikis in WordPress Plugin Easy Pricing Table WP versions = 1.1.3...

WordPress Mihdan: No External Links Plugin <= 5.1.6.2 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Bao BlueRock in WordPress Plugin Mihdan: No External Links versions = 5.1.6.2...

WordPress Goracash Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Vinit Lakra in WordPress Plugin Goracash versions = 1.1...

WordPress NGG Smart Image Search Plugin <= 3.4.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Prissy in WordPress Plugin NGG Smart Image Search versions = 3.4.3...

WordPress Card Elements for WPBakery Plugin <= 1.0.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by theviper17 in WordPress Plugin Card Elements for WPBakery versions = 1.0.8...

WordPress Bg Church Memos Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Gilang Asra Bilhadi in WordPress Plugin Bg Church Memos versions = 1.1...

WordPress Accordion Plugin <= 2.3.15 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Abu Hurayra in WordPress Plugin Accordion versions = 2.3.15...

WordPress Easy Elementor Addons Plugin <= 2.2.8 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin Easy Elementor Addons versions = 2.2.8...

WordPress Ibtana Plugin <= 1.2.5.3 - Arbitrary Content Deletion Vulnerability

Arbitrary Content Deletion Vulnerability discovered by Denver Jackson in WordPress Plugin Ibtana versions = 1.2.5.3...

WordPress Penci Filter Everything Plugin < 1.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Filter Everything versions 1.7...

WordPress Make Column Clickable Elementor Plugin <= 1.6.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Ritsuy in WordPress Plugin Make Column Clickable Elementor versions = 1.6.0...

WordPress WP Hotel Booking plugin < 2.2.3 - Subscriber+ Rating Manipulation vulnerability

Subscriber+ Rating Manipulation vulnerability discovered by Muhammed Çelik in WordPress Plugin WP Hotel Booking versions 2.2.3...