WordPress Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder plugin <= 2.0.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by wpdabh Patchstack Alliance in WordPress Plugin Ultimate Store Kit Elementor Addons versions = 2.0.3...

WordPress Fancy Elementor Flipbox plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Fancy Elementor Flipbox versions = 2.5.2...

WordPress Himalayas theme <= 1.3.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Himalayas versions = 1.3.0...

WordPress Zotpress plugin <= 7.3.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Zotpress versions = 7.3.9...

WordPress Gold Addons for Elementor plugin <= 1.2.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Gold Addons for Elementor versions = 1.2.9...

WordPress Real3D Flipbook PDF Viewer Lite plugin <= 3.71 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin Real 3D FlipBook versions = 3.71...

WordPress gee Search Plus plugin <= 1.4.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin gee Search Plus versions = 1.4.4...

WordPress WOLF plugin <=1.0.8.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Elmini Patchstack Alliance in WordPress Plugin WOLF versions = 1.0.8.2...

WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ray Wilson Patchstack Alliance in WordPress Plugin WidgetKit versions = 2.4.8...

WordPress weDocs plugin <= 2.1.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin weDocs versions = 2.1.4...

WordPress Easy Affiliate Links plugin <= 3.7.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin Easy Affiliate Links versions = 3.7.2...

WordPress DS Site Message plugin <= 1.14.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by umi Patchstack Alliance in WordPress Plugin DS Site Message versions = 1.14.4...

WordPress AI Engine plugin <= 2.2.63 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin AI Engine versions = 2.2.63...

WordPress Form Maker by 10Web plugin <= 1.15.24 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Huynh Tien Si Patchstack Alliance in WordPress Plugin Form Maker by 10Web versions = 1.15.24...

WordPress Better Elementor Addons plugin <=1.4.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Better Elementor Addons versions = 1.4.4...

WordPress One Click Demo Import Plugin <= 3.2.0 is vulnerable to PHP Object Injection

Software One Click Demo Import Type Plugin Vulnerable versions = 3.2.0 Fixed in 3.2.1 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-34433 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID a0133f0acd1f Credits ngductung Patchstack Alliance Requir...

WordPress Brozzme Scroll Top plugin <= 1.8.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Brozzme Scroll Top versions = 1.8.5...

WordPress Featured Content Gallery plugin <= 3.2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin Featured Content Gallery versions = 3.2.0...

WordPress WPCS ( WordPress Custom Search ) plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin WPCS WordPress Custom Search versions = 1.1...

WordPress WP Post Author plugin <= 3.6.4 - Rating Value Manipulation vulnerability

Rating Value Manipulation vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin WP Post Author versions = 3.6.4...