WordPress CookieHub plugin <= 1.1.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin CookieHub versions = 1.1.0...

WordPress Advanced Testimonial Carousel for Elementor plugin <= 3.0.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Advanced Testimonial Carousel for Elementor versions = 3.0.0...

WordPress Contest Gallery plugin <= 21.3.4 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin Contest Gallery versions = 21.3.4...

WordPress AppPresser plugin <= 4.3.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin AppPresser versions = 4.3.0...

WordPress BizPrint plugin <= 4.3.39 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin BizPrint versions = 4.3.39...

WordPress ChatBot Conversational Forms plugin <= 1.1.8 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin Conversational Forms for ChatBot versions = 1.1.8...

WordPress SharkDropship and Affiliate for AliExpress, eBay, Amazon, Etsy plugin <= 2.1.1 - Arbitrary Content Deletion vulnerability

Arbitrary Content Deletion vulnerability discovered by Emili Castells Patchstack Alliance in WordPress Plugin Sharkdropship dropshipping for Aliexpress, eBay, Amazon, etsy versions = 2.1.1...

WordPress Coupon & Discount Code Reveal Button plugin <=1.2.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Coupon & Discount Code Reveal Button versions = 1.2.5...

WordPress The Pack Elementor addons plugin <= 2.0.8.2 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin The Pack Elementor addons versions = 2.0.8.2...

WordPress StreamWeasels Twitch Integration plugin <= 1.7.8 - API Sensitive Data Exposure vulnerability

API Sensitive Data Exposure vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin StreamWeasels Twitch Integration versions = 1.7.8...

WordPress Academy LMS plugin <= 1.9.16 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mochamad Sofyan Patchstack Alliance in WordPress Plugin Academy LMS versions = 1.9.16...

WordPress AI Post Generator | AutoWriter plugin <= 3.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin AI Post Generator | AutoWriter versions = 3.3...

WordPress myCred plugin <= 2.6.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin myCred versions = 2.6.3...

WordPress WP-Recall plugin <= 16.26.5 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin WP-Recall versions = 16.26.5...

WordPress Maintenance Mode plugin <= 3.0.1 - IP Bypass vulnerability

IP Bypass vulnerability discovered by LeNgocHoa Patchstack Alliance in WordPress Plugin Maintenance Mode by helderk versions = 3.0.1...

WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary Plugin Activation/Deactivation Vulnerability

Subscriber+ Arbitrary Plugin Activation/Deactivation Vulnerability discovered by Dave Jong Patchstack in WordPress Plugin ARForms versions = 6.4...

WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary WordPress Options Removal vulnerability

Subscriber+ Arbitrary WordPress Options Removal vulnerability discovered by Dave Jong Patchstack in WordPress Plugin ARForms versions = 6.4...

WordPress ARForms plugin <= 6.4 - Subscriber+ Arbitrary File Deletion vulnerability

Subscriber+ Arbitrary File Deletion vulnerability discovered by Dave Jong Patchstack in WordPress Plugin ARForms versions = 6.4...

WordPress ARForms plugin <= 6.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin ARForms versions = 6.4...

WordPress InstaWP Connect plugin <= 0.1.0.24 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin InstaWP Connect versions = 0.1.0.24...