WordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Woocommerce Product Design versions = 1.0.0...

WordPress Bstone Demo Importer plugin <= 1.0.1 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Bstone Demo Importer versions = 1.0.1...

WordPress Marketing Automation by AZEXO plugin <= 1.27.80 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Marketing Automation by AZEXO versions = 1.27.80...

WordPress 1-Click Login: Passwordless Authentication plugin 1.4.5 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin 1-Click Login: Passwordless Authentication versions 1.4.5...

WordPress Raptor Editor plugin <= 1.0.20 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Raptor Editor versions = 1.0.20...

WordPress Interactive World Map plugin <= 3.4.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sc1duck Patchstack Alliance in WordPress Plugin Interactive World Map versions = 3.4.4...

WordPress EmbedPress plugin <= 4.0.14 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Thanayut Maktheppongt Patchstack Alliance in WordPress Plugin EmbedPress versions = 4.0.14...

WordPress Firelight Lightbox plugin <= 2.3.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Firelight Lightbox versions = 2.3.3...

WordPress MDTF – Meta Data and Taxonomies Filter plugin <= 1.3.3.4 - Bypass Vulnerability vulnerability

Bypass Vulnerability vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin MDTF versions = 1.3.3.4...

WordPress YITH WooCommerce Product Add-Ons plugin <= 4.14.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin YITH WooCommerce Product Add-Ons versions = 4.14.1...

WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <= 1.4.19 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Envo's Elementor Templates & Widgets for WooCommerce versions = 1.4.19...

WordPress PostX plugin <= 4.1.12 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0tter Patchstack Alliance in WordPress Plugin PostX versions = 4.1.12...

WordPress NewsCard theme <= 1.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Theme NewsCard versions = 1.3...

WordPress Breeze plugin <= 2.1.14 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Felipe Alcantara Patchstack Alliance in WordPress Plugin Breeze versions = 2.1.14...

WordPress Beaver Builder plugin <= 2.8.3.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Beaver Builder versions = 2.8.3.7...

WordPress Survey Maker plugin <= 5.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Marek Mikita Patchstack Alliance in WordPress Plugin Survey Maker versions = 5.0.2...

WordPress WP Booking System – Booking Calendar plugin <= 2.0.19.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin WP Booking System versions = 2.0.19.10...

WordPress Bold Page Builder plugin <= 5.1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin Bold Page Builder versions = 5.1.3...

WordPress WPC Shop as a Customer for WooCommerce plugin <= 1.2.6 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin WPC Shop as a Customer for WooCommerce versions = 1.2.6...

WordPress Import and export users and customers plugin <= 1.27.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.27.5...