WordPress AI ENGINE plugin <= 2.4.7 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Yuchen Ji Patchstack Alliance in WordPress Plugin AI Engine versions = 2.4.7...

WordPress Telegram Bot & Channel plugin <= 3.8.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Telegram Bot & Channel versions = 3.8.2...

WordPress uipress-lite plugin <= 3.4.06 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Nguyễn Trung Kiên Patchstack Alliance in WordPress Plugin UiPress lite versions = 3.4.06...

WordPress CopySafe Web Protection plugin <= 3.15 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin CopySafe Web Protection versions = 3.15...

WordPress Matomo Analytics plugin <= 5.1.1 - Cross Site Request Forgery (CSRF) leading to Notice Dismissal vulnerability

Cross Site Request Forgery CSRF leading to Notice Dismissal vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Matomo Analytics versions = 5.1.1...

WordPress i-transform theme <= 3.0.9 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme i-transform versions = 3.0.9...

WordPress Typebot plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Typebot versions = 3.6.0...

WordPress Coming Soon Page – Responsive Coming Soon & Maintenance Mode plugin <= 1.6.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Coming Soon versions = 1.6.3...

WordPress Tagbox plugin <= 3.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Taggbox versions = 3.3...

WordPress Zoho Campaigns plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Zoho Campaigns versions = 2.0.8...

WordPress Animated Rotating Words Plugin <= 5.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Animated Rotating Words versions = 5.6...

WordPress EleForms plugin <= 2.9.9.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin EleForms versions = 2.9.9.9...

WordPress MBE eShip plugin <= 2.1.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin MBE eShip versions = 2.1.2...

WordPress OnePress theme <= 2.3.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme OnePress versions = 2.3.8...

WordPress Change From Email plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Change From Email versions = 1.2.1...

WordPress Event post plugin <= 5.9.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin Event post versions = 5.9.5...

WordPress Meks Video Importer plugin <= 1.0.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Meks Video Importer versions = 1.0.12...

WordPress Patricia Blog theme <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Patricia Blog versions = 1.2...

WordPress Seraphinite Post .DOCX Source plugin <= 2.16.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Seraphinite Post .DOCX Source versions = 2.16.9...

WordPress EazyDocs plugin <= 2.5.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin EazyDocs versions = 2.5.0...