WordPress Upload Fields for WPForms plugin <= 1.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Upload Fields for WPForms versions = 1.0.2...

WordPress KiviCare plugin <= 3.6.6 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Van Lyubov Patchstack Alliance in WordPress Plugin KiviCare versions = 3.6.6...

WordPress WP-Recall plugin <= 16.26.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin WP-Recall versions = 16.26.6...

WordPress Responsive theme <= 5.0.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Responsive versions = 5.0.3...

WordPress Save as PDF Plugin by Pdfcrowd plugin <= 3.2.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Save as PDF versions = 3.2.3...

WordPress Preferred Languages plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by ret2desync Patchstack Alliance in WordPress Plugin Preferred Languages versions = 2.2.2...

WordPress WP Back Button plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by alfido osdie Patchstack Alliance in WordPress Plugin WP Back Button versions = 1.1.3...

WordPress Site Favicon plugin <= 0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Site Favicon versions = 0.2...

WordPress Just Writing Statistics plugin <= 4.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rayhan Ramdhany Hanaputra Patchstack Alliance in WordPress Plugin Just Writing Statistics versions = 4.5...

WordPress Safety Exit plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Safety Exit versions = 1.7.0...

WordPress Simple Spoiler plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Simple Spoiler versions = 1.2...

WordPress Blocksy Companion plugin <= 2.0.42 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Yuchen Ji Patchstack Alliance in WordPress Plugin Blocksy Companion versions = 2.0.42...

Woocommerce – Recent Purchases plugin <= 1.0.1 - File Inclusion vulnerability

File Inclusion vulnerability discovered by YCInfosec Patchstack Alliance in WordPress Plugin Woocommerce – Recent Purchases versions = 1.0.1...

WordPress Easy Digital Downloads – Recent Purchases plugin <= 1.0.2 - Remote File Inclusion vulnerability

Remote File Inclusion vulnerability discovered by YCInfosec Patchstack Alliance in WordPress Plugin Easy Digital Downloads – Recent Purchases versions = 1.0.2...

WordPress Photo Gallery by 10Web plugin <= 1.8.25 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Photo Gallery by 10Web versions = 1.8.25...

WordPress Fastly plugin <= 1.2.25 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Fastly versions = 1.2.25...

WordPress AdFoxly plugin <= 1.8.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin AdFoxly – Ad Manager, AdSense Ads & Ads.txt versions = 1.8.5...

WordPress PopupAlly plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by alfido osdie Patchstack Alliance in WordPress Plugin PopupAlly versions = 2.1.1...

WordPress Tainacan plugin <= 0.21.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Tainacan versions = 0.21.3...

WordPress Elegant Blocks – Amazing Gutenberg Blocks plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Elegant Blocks versions = 1.7...