WordPress WP ADA Compliance Check Basic plugin <= 3.1.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin WP ADA Compliance Check Basic versions = 3.1.3...

WordPress Accessibility Widget plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Accessibility Widget versions = 2.2...

WordPress VK Block Patterns plugin <= 1.31.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin VK Block Patterns versions = 1.31.0...

WordPress Evergreen Content Poster plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin Evergreen Content Poster versions = 1.4.2...

WordPress Reviews Plus plugin <= 1.3.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Reviews Plus versions = 1.3.4...

WordPress Total Poll Lite plugin <= 4.9.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Total Poll Lite versions = 4.9.9...

WordPress Import and export users and customers plugin <= 1.26.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Trình Vũ / Sonicrrrr from VNPT-VCI Patchstack Alliance in WordPress Plugin Import and export users and customers versions = 1.26.2...

WordPress Combo Blocks plugin <= 2.2.78 - Sensitive Data Exposure via API vulnerability

Sensitive Data Exposure via API vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Post Grid and Gutenberg Blocks versions = 2.2.78...

WordPress All-in-one Like Widget plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin All-in-one Like Widget versions = 2.2.7...

WordPress ShortPixel Critical CSS plugin <= 1.0.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin ShortPixel Critical CSS versions = 1.0.2...

WordPress ActiveDEMAND plugin <= 0.2.41 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin ActiveDEMAND versions = 0.2.41...

WordPress ProfileGrid plugin <= 5.7.9 - Insecure Direct Object Reference (IDOR) vulnerability

Insecure Direct Object Reference IDOR vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin ProfileGrid versions = 5.7.9...

WordPress Headline Analyzer plugin <= 1.3.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Headline Analyzer versions = 1.3.3...

WordPress Social Snap plugin <= 1.3.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Social Snap versions = 1.3.5...

WordPress SuperFaktura WooCommerce plugin <= 1.40.3 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin SuperFaktura WooCommerce versions = 1.40.3...

WordPress Better Messages plugin <= 2.4.32 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin BP Better Messages versions = 2.4.32...

WordPress Widget Post Slider plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Widget Post Slider versions = 1.3.5...

WordPress Easy Property Listings plugin <= 3.5.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Easy Property Listings versions = 3.5.3...

WordPress Paid Memberships Pro plugin <= 2.12.10 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Paid Memberships Pro versions = 2.12.10...

WordPress Seers plugin <= 8.0.6 - Cross Site Request Forgery (CSRF) to XSS vulnerability

Cross Site Request Forgery CSRF to XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Seers versions = 8.1.0...