WordPress EazyDocs plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin EazyDocs versions = 2.5.0...

WordPress Events Calendar for Google plugin <= 2.1.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Events Calendar for Google versions = 2.1.0...

WordPress Qi Blocks plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Qi Blocks versions = 1.3...

WordPress Academy LMS plugin <= 2.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by filime Patchstack Alliance in WordPress Plugin Academy LMS versions = 2.0.4...

WordPress Simple Popup plugin <= 4.4 - Cross-Site Scripting (XSS) vulnerability

Cross-Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Simple Popup versions = 4.4...

WordPress FancyPost plugin <= 5.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin FancyPost versions = 5.3.1...

WordPress Magical Addons For Elementor plugin <= 1.1.41 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SouzaZinn Patchstack Alliance in WordPress Plugin Magical Addons For Elementor versions = 1.1.41...

WordPress REVIEWS.io plugin <= 1.2.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin REVIEWS.io versions = 1.2.8...

WordPress AdPush plugin <= 1.50 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin AdPush versions = 1.50...

WordPress Predictive Search for WooCommerce plugin <= 6.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin WooCommerce Predictive Search versions = 6.0.1...

WordPress codoc plugin <= 0.9.51.12 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin codoc versions = 0.9.51.12...

WordPress Simple Responsive Slider plugin <= 0.2.2.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Simple Responsive Slider versions = 0.2.2.5...

WordPress Tutor LMS plugin <= 2.7.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by justakazh Patchstack Alliance in WordPress Plugin Tutor LMS versions = 2.7.2...

WordPress Master Popups Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Master Popups Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37950 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e2bd55990b6e Credits alfido osdie Patchstack Alliance Required...

WordPress Point theme <= 1.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Point versions = 1.1...

WordPress SmartMag theme < 10.1.0 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by justakazh Patchstack Alliance in WordPress Theme SmartMag versions 10.1.0...

WordPress WP Accessibility Helper (WAH) plugin <= 0.6.2.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin WP Accessibility Helper WAH versions = 0.6.2.9...

WordPress Cliengo – Chatbot plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Cliengo – Chatbot versions = 3.0.4...

WordPress PayPlus Payment Gateway plugin <= 7.0.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin PayPlus Payment Gateway versions = 7.0.7...

WordPress WP User Switch plugin <= 1.1.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin WP User Switch versions = 1.1.2...