WordPress Real Estate 7 theme <= 3.5.2 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Real Estate 7 versions = 3.5.2...

WordPress Eduma theme <= 5.6.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Eduma versions = 5.6.4...

WordPress FS Poster plugin <= 6.5.8 - Subscriber+ Site Wide Broken Access Control vulnerability

Subscriber+ Site Wide Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin FS Poster versions = 6.5.8...

WordPress Eximius theme <= 2.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Eximius versions = 2.2...

WordPress Celestial Aura plugin <= 2.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Celestial Aura versions = 2.2...

WordPress Fazyvo theme <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Theme Fazyvo versions = 1.6...

WordPress AI Hub plugin <= 1.3.7 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by luc in WordPress Theme AI Hub versions = 1.3.7...

WordPress Tiger theme <= 2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Theme Tiger versions = 2.0...

WordPress Glossy Blog theme <= 1.0.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Glossy Blog versions = 1.0.3...

WordPress Simplish theme <= 2.6.4 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Simplish versions = 2.6.4...

WordPress ELEX WooCommerce Request a Quote plugin <= 2.3.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peter Thaleikis in WordPress Plugin ELEX WooCommerce Request a Quote versions = 2.3.9...

WordPress JetSearch plugin <= 3.5.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetSearch versions = 3.5.7...

WordPress InstaWP Connect plugin <= 0.1.0.82 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin InstaWP Connect versions = 0.1.0.82...

WordPress Quiz Maker plugin <= 6.6.8.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by astra.r3verii Patchstack Alliance in WordPress Plugin Quiz Maker versions = 6.6.8.7...

WordPress Subscribe to Download Lite plugin <= 1.2.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Subscribe to Download Lite versions = 1.2.9...

WordPress SEO Plugin by Squirrly SEO plugin <= 12.4.03 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Webula Patchstack Alliance in WordPress Plugin SEO Plugin by Squirrly SEO versions = 12.4.03...

WordPress Conversios.io plugin <= 7.2.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Conversios.io versions = 7.2.3...

WordPress RomethemeKit For Elementor plugin <= 1.5.4 - Arbitrary Plugin Installation/Activation to RCE vulnerability

Arbitrary Plugin Installation/Activation to RCE vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin RTMKit versions = 1.5.4...

WordPress Traveler theme < 3.2.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme Traveler versions 3.2.1...

WordPress Traveler theme < 3.2.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme Traveler versions 3.2.1...