WordPress Fastly plugin <= 1.2.25 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Fastly versions = 1.2.25...

WordPress Magazine Blocks plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Magazine Blocks versions = 1.3.6...

WordPress Picture Gallery plugin <= 1.5.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rayhan Ramdhany Hanaputra Patchstack Alliance in WordPress Plugin Picture Gallery versions = 1.5.11...

WordPress Radio Player plugin <= 2.0.73 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Radio Player versions = 2.0.73...

WordPress Landing Page Builder <= 1.5.1.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Landing Page Builder versions = 1.5.1.8...

WordPress Popup – Popup More Popups plugin <= 2.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rayhan Ramdhany Hanaputra Patchstack Alliance in WordPress Plugin Popup More Popups versions = 2.3.1...

WordPress Clearfy Cache plugin <= 2.3.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Clearfy Cache versions = 2.3.2...

WordPress JCH Optimize plugin <= 4.2.0 - Path Traversal vulnerability

Path Traversal vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin JCH Optimize versions = 4.2.0...

WordPress Niveau theme 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Niveau versions = 1.0.8...

WordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Kognetiks Chatbot for WordPress versions = 2.0.0...

WordPress Gutenify plugin <= 1.4.0 - Sensitive Data Exposure via API vulnerability

Sensitive Data Exposure via API vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Gutenify versions = 1.4.0...

WordPress FileBird – WordPress Media Library Folders & File Manager plugin <= 5.6.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Filebird versions = 5.6.3...

WordPress All Bootstrap Blocks plugin <= 1.3.15 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin All Bootstrap Blocks versions = 1.3.15...

WordPress Academy LMS plugin <= 1.9.25 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Academy LMS versions = 1.9.25...

WordPress iPages Flipbook plugin <= 1.5.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin iPages Flipbook versions = 1.5.1...

WordPress Netgsm plugin <= 2.9.32 - Broken Access Control + CSRF vulnerability

Broken Access Control + CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Netgsm versions = 2.9.32...

WordPress MC Woocommerce Wishlist plugin <= 1.7.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin MC Woocommerce Wishlist versions = 1.7.2...

WordPress Contact List plugin <= 2.9.87 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Contact List versions = 2.9.87...

WordPress Translate Multilingual sites – TranslatePress plugin <= 2.7.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin TranslatePress versions = 2.7.5...

WordPress Easy Digital Downloads plugin <= 3.2.11 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Easy Digital Downloads versions = 3.2.11...