WordPress WP Social Comments plugin <= 1.7.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Friday Patchstack Alliance in WordPress Plugin WP Social Comments versions = 1.7.3...

WordPress Backup Migration plugin <= 1.4.3 - Sensitive Data Exposure via Log vulnerability

Sensitive Data Exposure via Log vulnerability discovered by emad Patchstack Alliance in WordPress Plugin Backup Migration versions = 1.4.3...

WordPress WP Ultimate Review plugin <= 2.2.5 - Review Score Manipulation vulnerability

Review Score Manipulation vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Wp Ultimate Review versions = 2.2.5...

WordPress WP Ultimate Review plugin <= 2.2.5 - Broken Access Control on Review vulnerability

Broken Access Control on Review vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Wp Ultimate Review versions = 2.2.5...

WordPress WP Ultimate Review plugin <= 2.2.5 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin Wp Ultimate Review versions = 2.2.5...

WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Prime Slider – Addons For Elementor versions = 3.13.2...

WordPress Prime Slider plugin <= 3.13.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Prime Slider – Addons For Elementor versions = 3.13.2...

WordPress HUSKY plugin <= 1.3.5.2 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin HUSKY versions = 1.3.5.2...

WordPress Shared Files plugin <= 1.7.16 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Shared Files versions = 1.7.16...

WordPress Wp Ultimate Review Plugin <= 2.2.5 is vulnerable to Insecure Direct Object References (IDOR)

Software Wp Ultimate Review Type Plugin Vulnerable versions = 2.2.5 Fixed in 2.3.0 OWASP Top 10 A1: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2024-32683 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 7b452df5fd16 Credits Kyle...

WordPress Support Genix plugin <= 1.2.3 - Broken Access Control lead to Arbitrary File Upload vulnerability

Broken Access Control lead to Arbitrary File Upload vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin Support Genix versions = 1.2.3...

WordPress WP-Recall plugin <= 16.26.5 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin WP-Recall versions = 16.26.5...

WordPress Popup Anything plugin <= 2.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Popup Anything versions = 2.8...

WordPress WP Dummy Content Generator plugin <= 3.2.1 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin WP Dummy Content Generator versions = 3.2.1...

WordPress WP Smart Import plugin <= 1.0.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin WP Smart Import versions = 1.0.7...

WordPress DSGVO Youtube plugin <= 1.4.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin DSGVO Youtube versions = 1.4.5...

WordPress Attesa Extra plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abu Hurayra Patchstack Alliance in WordPress Plugin Attesa Extra versions = 1.3.9...

WordPress Void Elementor WHMCS Elements For Elementor Page Builder plugin <= 2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Void Elementor WHMCS Elements For Elementor Page Builder versions = 2.0...

WordPress Gutenberg Block Editor Toolkit plugin <= 1.40.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Gutenberg Block Editor Toolkit versions = 1.40.4...

WordPress Restaurant Menu – Food Ordering System – Table Reservation plugin <= 2.4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by wpdabh Patchstack Alliance in WordPress Plugin Restaurant Menu – Food Ordering System – Table Reservation versions = 2.4.1...