WordPress FileBird plugin <= 6.4.2.1 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Revan Arifio Patchstack Alliance in WordPress Plugin Filebird versions = 6.4.2.1...

WordPress Counters Block plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Logan Cote Patchstack Alliance in WordPress Plugin Counters Block versions = 1.1.2...

WordPress Business Card Block plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Logan Cote Patchstack Alliance in WordPress Plugin Business Card Block versions = 1.0.5...

WordPress Eventin plugin <= 4.0.20 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin Eventin versions = 4.0.20...

WordPress Hostiko Theme < 30.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Bonds Patchstack Alliance in WordPress Theme Hostiko versions 30.1...

WordPress Drivr Lite – Google Drive Plugin plugin <= 1.0.1 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Drivr Lite – Google Drive Plugin versions = 1.0.1...

WordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by muhammad yudha Patchstack Alliance in WordPress Plugin Broadcast Live Video versions = 6.2...

WordPress Magic the Gathering Card Tooltips plugin <= 3.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Magic the Gathering Card Tooltips versions = 3.5.0...

WordPress FULL – Cliente plugin <= 3.1.26 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin FULL Customer versions = 3.1.26...

WordPress Calculator Builder plugin <= 1.6.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Calculator Builder versions = 1.6.2...

WordPress Leyka plugin <= 3.31.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin Leyka versions = 3.31.8...

WordPress Qubely plugin <= 1.8.12 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by zaim Patchstack Alliance in WordPress Plugin Qubely versions = 1.8.12...

WordPress Vertex Addons for Elementor plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Webula Patchstack Alliance in WordPress Plugin Vertex Addons for Elementor versions = 1.2.0...

WordPress Keep Backup Daily plugin <= 2.1.0 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Caesar Evan Santoso Patchstack Alliance in WordPress Plugin Keep Backup Daily versions = 2.1.0...

WordPress Pallet Packaging for WooCommerce Plugin <= 1.1.15 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Pallet Packaging for WooCommerce versions = 1.1.15...

WordPress OnePress theme <= 2.3.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Fariq Fadillah Gusti Insani Patchstack Alliance in WordPress Theme OnePress versions = 2.3.11...

WordPress AIO Performance Profiler plugin <= 1.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin AIO Performance Profiler, Monitor, Optimize, Compress & Debug versions = 1.2...

WordPress Cookie Monster Plugin <= 1.2.2 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Cookie Monster versions = 1.2.2...

WordPress Name: CM E-Mail Registration Blacklist plugin <= 1.5.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin CM Email Registration Blacklist and Whitelist versions = 1.5.5...

WordPress CM Pop-Up Banners plugin <= 1.7.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin CM Pop-Up banners versions = 1.7.6...