WordPress WP Compress plugin <= 6.20.13 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin WP Compress versions = 6.20.13...

WordPress Page-list plugin <= 5.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by kslatz Patchstack Alliance in WordPress Plugin Page-list versions = 5.6...

WordPress Web Directory Free plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Certus Cybersecurity Patchstack Alliance in WordPress Plugin Web Directory Free versions = 1.7.3...

WordPress Author Avatars List/Block plugin <= 2.1.21 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0tter Patchstack Alliance in WordPress Plugin Author Avatars List/Block versions = 2.1.21...

WordPress WP Bulk Delete plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin WP Bulk Delete versions = 1.3.1...

WordPress YITH WooCommerce Ajax Search plugin <= 2.8.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin YITH WooCommerce Ajax Search versions = 2.8.0...

WordPress WPMobile.App plugin <= 11.50 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin WPMobile.App versions = 11.50...

WordPress Newsletters plugin <= 4.9.9.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Newsletters versions = 4.9.9.1...

WordPress uListing plugin <= 2.1.5 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin uListing versions = 2.1.5...

WordPress WP Mail Catcher plugin <= 2.1.9 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin WP Mail Catcher versions = 2.1.9...

WordPress WPExperts Square For GiveWP plugin <= 1.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Jorge Diaz Patchstack Alliance in WordPress Plugin WPExperts Square For GiveWP versions = 1.3...

WordPress Zoho Flow for WordPress plugin <= 2.7.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin Zoho Flow versions = 2.7.1...

WordPress Loops & Logic plugin <= 4.1.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Loops & Logic versions = 4.1.4...

WordPress Sky Addons for Elementor plugin <= 2.5.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Sky Addons for Elementor versions = 2.5.11...

WordPress ElementsReady Addons for Elementor plugin <= 6.4.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin ElementsReady Addons for Elementor versions = 6.4.0...

WordPress Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit plugin <= 3.1.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin FunnelKit Automations versions = 3.1.2...

WordPress Multiple Page Generator Plugin – MPG plugin <= 3.4.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin MPG versions = 3.4.7...

WordPress WP Timeline plugin <= 3.6.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin WP Timeline – Vertical and Horizontal timeline plugin versions = 3.6.7...

WordPress WS Form LITE plugin <= 1.9.238 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin WS Form LITE versions = 1.9.238...

WordPress Salon Booking Wordpress Plugin plugin <= 10.9 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin Salon booking system versions = 10.9...