WordPress Bold Timeline Lite plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Bold Timeline Lite versions = 1.2.0...

WordPress Envo's Elementor Templates & Widgets for WooCommerce plugin <= 1.4.16 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin Envo's Elementor Templates & Widgets for WooCommerce versions = 1.4.16...

WordPress Void Elementor Post Grid Addon for Elementor Page builder plugin <= 2.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Void Elementor Post Grid Addon for Elementor Page builder versions = 2.3...

WordPress Salon Booking System plugin <= 10.8.1 - Open Redirection vulnerability

Open Redirection vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Salon booking system versions = 10.8.1...

WordPress WooCommerce plugin <= 9.1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin WooCommerce versions = 9.1.2...

WordPress Icegram Collect – Easy Form, Lead Collection and Subscription plugin plugin <= 1.3.14 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Icegram Collect versions = 1.3.14...

WordPress Widgets for WooCommerce Products on Elementor plugin <= 2.0.4 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Woo Products Widgets For Elementor versions = 2.0.4...

WordPress Analytify plugin <= 5.3.1 - CSRF Leading to Optout Vulnerability

CSRF Leading to Optout Vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Analytify versions = 5.3.1...

WordPress Create by Mediavine plugin <= 1.9.8 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Create by Mediavine versions = 1.9.8...

WordPress Compute Links plugin <= 1.2.1 - Remote File Inclusion vulnerability

Remote File Inclusion vulnerability discovered by YCInfosec Patchstack Alliance in WordPress Plugin Compute Links versions = 1.2.1...

WordPress Store Locator Plus® for WordPress plugin <= 2311.17.01 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Store Locator Plus versions = 2311.17.01...

WordPress Houzez theme <= 3.2.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jorge Rodriguez Patchstack Alliance in WordPress Theme Houzez versions = 3.2.4...

WordPress weMail plugin <= 1.14.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k in WordPress Plugin weMail versions = 1.14.5...

WordPress Timeline and History slider plugin <= 2.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Timeline and History slider versions = 2.3...

WordPress Shared Files – Premium Download Manager & Secure File Sharing with Frontend File Upload plugin <= 1.7.28 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Shared Files versions = 1.7.28...

WordPress EventPrime plugin <= 4.0.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin EventPrime versions = 4.0.3.2...

WordPress Kodex Posts likes plugin <= 2.5.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dmitriy Prokhorov Patchstack Alliance in WordPress Plugin Kodex Posts likes versions = 2.5.0...

WordPress Filr plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by domiee13 Patchstack Alliance in WordPress Plugin Filr versions = 1.2.4...

WordPress myCred plugin <= 2.7.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin myCred versions = 2.7.2...

WordPress WpTravelly plugin <= 1.7.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin WpTravelly versions = 1.7.7...