WordPress Bitly's WordPress Plugin plugin <= 2.7.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Bitly versions = 2.7.2...

WordPress Blockspare plugin <= 3.2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Blockspare versions = 3.2.0...

WordPress CM Tooltip Glossary Plugin <= 4.3.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin CM Tooltip Glossary versions = 4.3.7...

WordPress Selection Lite plugin <= 1.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Selection Lite versions = 1.11...

WordPress GeoDirectory plugin <= 2.3.61 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin GeoDirectory versions = 2.3.61...

WordPress Tutor LMS plugin <= 2.7.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by justakazh Patchstack Alliance in WordPress Plugin Tutor LMS versions = 2.7.3...

WordPress Event Manager and Tickets Selling Plugin for WooCommerce plugin <= 4.2.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin WpEvently versions = 4.2.1...

WordPress Sunshine Photo Cart plugin <= 3.2.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin Sunshine Photo Cart versions = 3.2.1...

WordPress Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce plugin <= 2.6.14 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Sender – Newsletter, SMS and Email Marketing Automation for WooCommerce versions = 2.6.14...

WordPress Import and export users and customers plugin <= 1.26.8 - Sensitive Information via Imported File vulnerability

Sensitive Information via Imported File vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.26.8...

WordPress Graphina plugin <= 1.8.10 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Graphina versions = 1.8.10...

WordPress Extensions for Elementor plugin <= 2.0.31 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Extensions for Elementor versions = 2.0.31...

WordPress WP-PostRatings plugin <= 1.91.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin WP-PostRatings versions = 1.91.1...

WordPress Easy Digital Downloads plugin <= 3.2.12 - SQL Injection vulnerability

SQL Injection vulnerability discovered by justakazh Patchstack Alliance in WordPress Plugin Easy Digital Downloads versions = 3.2.12...

WordPress Message Filter for Contact Form 7 plugin <= 1.6.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Message Filter for Contact Form 7 versions = 1.6.1.1...

WordPress Custom 404 Pro plugin <= 3.11.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Custom 404 Pro versions = 3.11.1...

WordPress Black Widgets For Elementor plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Plugin Black Widgets For Elementor versions = 1.3.5...

WordPress RegistrationMagic plugin <= 6.0.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin RegistrationMagic versions = 6.0.0.1...

WordPress WordPress File Upload plugin <= 4.24.7 - Broken Access Control + CSRF vulnerability

Broken Access Control + CSRF vulnerability discovered by emad Patchstack Alliance in WordPress Plugin WordPress File Upload versions = 4.24.7...

WordPress ConveyThis Translate plugin <= 234 - Non-arbitrary Options Update vulnerability

Non-arbitrary Options Update vulnerability discovered by Humberto Castelo Branco Patchstack Alliance in WordPress Plugin ConveyThis versions = 234...