WordPress Pop-up plugin <= 1.2.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Pop-up versions = 1.2.3...

WordPress Ultimate Posts Widget plugin <= 2.2.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Ultimate Posts Widget versions = 2.2.9...

WordPress SSL Mixed Content Fix plugin <= 3.2.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin SSL Mixed Content Fix versions = 3.2.6...

WordPress Hide Dashboard Notifications plugin <= 1.2.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Hide Dashboard Notifications versions = 1.2.3...

WordPress Regenerate post permalink plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Regenerate post permalink versions = 1.0.3...

WordPress Header Footer Code Manager Pro Plugin <= 1.0.16 is vulnerable to Cross Site Scripting (XSS)

Software Header Footer Code Manager Pro Type Plugin Vulnerable versions = 1.0.16 Fixed in 1.0.17 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3473 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 7f73969b36b2 Credits...

WordPress cardealer plugin <= 4.15 - Content Injection vulnerability

Content Injection vulnerability discovered by Yash Chauhan Patchstack Alliance in WordPress Plugin Car Dealer versions = 4.15...

WordPress Advanced Most Recent Posts Mod plugin <= 1.6.5.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Advanced Most Recent Posts Mod versions = 1.6.5.2...

WordPress PopupAlly plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin PopupAlly versions = 2.1.1...

WordPress Solid Affiliate plugin <= 1.9.1 - Sensitive Data Exposure via Log File vulnerability

Sensitive Data Exposure via Log File vulnerability discovered by Francois Harvey Patchstack Alliance in WordPress Plugin Solid Affiliate versions = 1.9.1...

WordPress WP Page Post Widget Clone plugin <= 1.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Do Minh Long Patchstack Alliance in WordPress Plugin WP Page Post Widget Clone versions = 1.0.1...

WordPress Piotnet Addons For Elementor Pro plugin <= 7.1.17 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Piotnet Addons For Elementor Pro versions = 7.1.17...

WordPress Auto Featured Image (Auto Post Thumbnail) plugin <= 4.1.3 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Yuchen Ji Patchstack Alliance in WordPress Plugin Auto Featured Image Auto Post Thumbnail versions = 4.1.3...

WordPress SSU plugin <= 1.5.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin SSU versions = 1.5.0...

WordPress Smart Forms plugin <= 2.6.91 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Smart Forms versions = 2.6.91...

WordPress KB Support plugin <= 1.6.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin KB Support versions = 1.6.0...

WordPress Secure Copy Content Protection and Content Locking plugin <= 3.9.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Secure Copy Content Protection and Content Locking versions = 3.9.0...

WordPress WPPizza plugin <= 3.18.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin WPPizza versions = 3.18.10...

WordPress User Meta plugin <= 3.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin User Meta versions = 3.0...

WordPress EPROLO Dropshipping plugin <= 1.7.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin EPROLO Dropshipping versions = 1.7.1...