WordPress Contact Form 7 Database Addon – CFDB7 Plugin <= 1.2.6.8 is vulnerable to Sensitive Data Exposure

Software Contact Form 7 Database Addon – CFDB7 Type Plugin Vulnerable versions = 1.2.6.8 Fixed in 1.2.7 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-3870 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID b218289620d7 Credits Ti...

WordPress Realtyna Organic IDX plugin Plugin <= 4.14.4 is vulnerable to Cross Site Scripting (XSS)

Software Realtyna Organic IDX plugin Type Plugin Vulnerable versions = 4.14.4 Fixed in 4.14.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33924 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 9af5852216f6 Credits Muhammad Daffa...

WordPress CodeBard's Patron Button and Widgets for Patreon Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software CodeBard's Patron Button and Widgets for Patreon Type Plugin Vulnerable versions = 2.2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33928 Patch priority Medium CVSS severity Medium 7.1 Developer Codebard PSID f0b671d6d681 Credits Le Ngoc...

WordPress WordPress Ad Widget plugin <= 2.20.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WordPress Ad Widget versions = 2.20.1...

WordPress Fan Page Widget by ThemeNcode plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Fan Page Widget by ThemeNcode versions = 2.0...

WordPress Smart Recent Posts Widget plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Smart Recent Posts Widget versions = 1.0.4...

WordPress Financio theme <= 1.1.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Financio versions = 1.1.3...

WordPress Teluro theme <= 1.0.31 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Teluro versions = 1.0.31...

WordPress Arconix FAQ plugin <= 1.9.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Arconix FAQ versions = 1.9.3...

WordPress Arconix Shortcodes plugin <= 2.1.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Arconix Shortcodes versions = 2.1.10...

WordPress Startupzy theme <= 1.1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Startupzy versions = 1.1.1...

WordPress Accountra theme <= 1.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Accountra versions = 1.0.3...

WordPress Pathway theme <= 1.0.15 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Pathway versions = 1.0.15...

WordPress Hugo WP theme <= 1.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Hugo WP versions = 1.0.8...

WordPress Althea WP theme <= 1.0.13 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Althea WP versions = 1.0.13...

WordPress Brite theme <= 1.0.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Brite versions = 1.0.11...

WordPress Colibri WP theme <= 1.0.94 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Colibri WP versions = 1.0.94...

WordPress Vertice theme <= 1.0.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Vertice versions = 1.0.7...

WordPress Intrace theme <= 1.1.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Intrace versions = 1.1.0...

WordPress Zeever theme <= 1.1.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Zeever versions = 1.1.0...