WordPress SafetyForms plugin <= 1.0.0 - CSRF to SQL Injection vulnerability

CSRF to SQL Injection vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin SafetyForms versions = 1.0.0...

WordPress Product Website Showcase plugin <= 1.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Product Website Showcase versions = 1.0...

WordPress photokit plugin <= 1.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin photokit versions = 1.0...

WordPress Author Discussion plugin <= 0.2.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Author Discussion versions = 0.2.2...

WordPress GERRYWORKS Post by Mail plugin <= 1.0 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin GERRYWORKS Post by Mail versions = 1.0...

WordPress Giveaway Boost plugin <= 2.1.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Giveaway Boost versions = 2.1.4...

WordPress Nice Backgrounds plugin <= 1.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Nice Backgrounds versions = 1.0...

WordPress Sovratec Case Management plugin <= 1.0.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Sovratec Case Management versions = 1.0.0...

WordPress All in One Slider plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin All in One Slider versions = 1.1...

WordPress Encyclopedia / Glossary / Wiki plugin <= 1.7.60 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Encyclopedia / Glossary / Wiki versions = 1.7.60...

WordPress Point Maker plugin <= 0.1.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Point Maker versions = 0.1.4...

WordPress FREE DOWNLOAD MANAGER plugin <= 1.0.0 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin FREE DOWNLOAD MANAGER versions = 1.0.0...

WordPress JiangQie Free Mini Program plugin <= 2.5.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JiangQie Free Mini Program versions = 2.5.2...

WordPress WordPress Portfolio Builder – Portfolio Gallery plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Plugin WordPress Portfolio Builder – Portfolio Gallery versions = 1.1.7...

WordPress G Meta Keywords plugin <= 1.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin G Meta Keywords versions = 1.4...

WordPress Custom Add to Cart Button Label and Link plugin <= 1.6.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Custom Add to Cart Button Label and Link versions = 1.6.1...

WordPress WP VR plugin <= 8.5.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin WP VR versions = 8.5.4...

WordPress Exclusive Addons for Elementor plugin <= 2.7.1 - Cross-Site Scripting vulnerability

Cross-Site Scripting vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Exclusive Addons Elementor versions = 2.7.1...

WordPress Email Template Customizer for WooCommerce plugin <= 1.2.9.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin Email Template Customizer for WooCommerce versions = 1.2.9.1...

WordPress PDF-Rechnungsverwaltung plugin <= 0.0.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Plugin PDF-Rechnungsverwaltung versions = 0.0.1...