WordPress Maintenance Mode plugin <= 3.0.1 - IP Bypass vulnerability

IP Bypass vulnerability discovered by LeNgocHoa Patchstack Alliance in WordPress Plugin Maintenance Mode by helderk versions = 3.0.1...

WordPress InstaWP Connect plugin <= 0.1.0.24 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin InstaWP Connect versions = 0.1.0.24...

WordPress YITH WooCommerce Compare plugin <= 2.37.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin YITH WooCommerce Compare versions = 2.37.0...

WordPress AI Infographic Maker OpenAI plugin <= 4.6.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Infographic Maker – iList versions = 4.6.6...

WordPress Active Products Tables for WooCommerce plugin <= 1.0.6.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Active Products Tables for WooCommerce versions = 1.0.6.2...

WordPress WP Social Comments plugin <= 1.7.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Friday Patchstack Alliance in WordPress Plugin WP Social Comments versions = 1.7.3...

WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability

Sensitive Data Exposure via Log vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Backup Migration versions = 1.4.3...

WordPress WP Ultimate Review plugin <= 2.2.5 - Broken Access Control on Review vulnerability

Broken Access Control on Review vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Wp Ultimate Review versions = 2.2.5...

WordPress WP Ultimate Review plugin <= 2.2.5 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Wp Ultimate Review versions = 2.2.5...

WordPress HUSKY plugin <= 1.3.5.2 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin HUSKY versions = 1.3.5.2...

WordPress Shared Files plugin <= 1.7.16 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Shared Files versions = 1.7.16...

WordPress Support Genix plugin <= 1.2.3 - Broken Access Control lead to Arbitrary File Upload vulnerability

Broken Access Control lead to Arbitrary File Upload vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin Support Genix versions = 1.2.3...

WordPress WP-Recall plugin <= 16.26.5 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin WP-Recall versions = 16.26.5...

WordPress Popup Anything plugin <= 2.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Popup Anything versions = 2.8...

WordPress WP Dummy Content Generator plugin <= 3.2.1 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin WP Dummy Content Generator versions = 3.2.1...

WordPress WP Smart Import plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin WP Smart Import versions = 1.0.7...

WordPress DSGVO Youtube plugin <= 1.4.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin DSGVO Youtube versions = 1.4.5...

WordPress Attesa Extra plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abu Hurayra Patchstack Alliance in WordPress Plugin Attesa Extra versions = 1.3.9...

WordPress Void Elementor WHMCS Elements For Elementor Page Builder plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Void Elementor WHMCS Elements For Elementor Page Builder versions = 2.0...

WordPress Gutenberg Block Editor Toolkit plugin <= 1.40.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Gutenberg Block Editor Toolkit versions = 1.40.4...