WordPress Product Carousel Slider & Grid Ultimate for WooCommerce Plugin <= 1.9.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Product Carousel Slider & Grid Ultimate for WooCommerce Type Plugin Vulnerable versions = 1.9.3 Fixed in 1.9.4 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

WordPress Meta Slider Plugin <= 3.29.0 is vulnerable to Cross Site Scripting (XSS)

Software Meta Slider Type Plugin Vulnerable versions = 3.29.0 Fixed in 3.29.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2e34a11fb393 Credits WordFence Required privilege...

WordPress Product Feed PRO for WooCommerce Plugin <= 12.4.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Product Feed PRO for WooCommerce Type Plugin Vulnerable versions = 12.4.4 Fixed in 12.4.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-46793 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID f469aaf3b8e7 Credits...

WordPress Elementor Addons, Widgets and Enhancements – Stax Plugin <= 1.4.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Elementor Addons, Widgets and Enhancements – Stax Type Plugin Vulnerable versions = 1.4.3 Fixed in 1.4.4.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

WordPress Wiremo – Product Reviews for WooCommerce Plugin <= 1.4.96 is vulnerable to Cross Site Request Forgery (CSRF)

Software Wiremo – Product Reviews for WooCommerce Type Plugin Vulnerable versions = 1.4.96 Fixed in 1.4.97 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2d39700f9e9f...

WordPress WP Mail Logging Plugin <= 1.10.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Mail Logging Type Plugin Vulnerable versions = 1.10.5 Fixed in 1.11.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 8badb5d1d476 Credits István Márton...

WordPress wePOS – Point Of Sale (POS) for WooCommerce Plugin <= 1.2.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software wePOS – Point Of Sale POS for WooCommerce Type Plugin Vulnerable versions = 1.2.5 Fixed in 1.2.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47150 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 48be28a5ac74...

WordPress Product Watermark for WooCommerce Plugin <= 1.3.5.6 is vulnerable to Broken Access Control

Software Product Watermark for WooCommerce Type Plugin Vulnerable versions = 1.3.5.6 Fixed in 1.3.5.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-45813 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 83199b91f3d5 Credits István...

WordPress Contact Form Email Plugin <= 1.3.31 is vulnerable to Other Vulnerability Type

Software Contact Form Email Type Plugin Vulnerable versions = 1.3.31 Fixed in 1.3.32 OWASP Top 10 A5: Broken Access Control Classification Other Vulnerability Type CVE CVE-2023-28494 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1b66482cfee4 Credits István Márton Require...

WordPress Min and Max Quantity for WooCommerce Plugin <= 1.3.2.6 is vulnerable to Broken Access Control

Software Min and Max Quantity for WooCommerce Type Plugin Vulnerable versions = 1.3.2.6 Fixed in 1.3.2.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-45813 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID d01f544d9c9e Credits Istv...

WordPress Products Suggestions for WooCommerce Plugin <= 3.5.7.6 is vulnerable to Broken Access Control

Software Products Suggestions for WooCommerce Type Plugin Vulnerable versions = 3.5.7.6 Fixed in 3.5.7.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-45813 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 2035a8efcc94 Credits Istv...

WordPress Be POPIA Compliant Plugin <= 1.2.0 is vulnerable to SQL Injection

Software Be POPIA Compliant Type Plugin Vulnerable versions = 1.2.0 Fixed in 1.3.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-47445 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 90e83cd07291 Credits Team WeBoB Required privilege Unauthenticate...

WordPress Store Locator Plugin <= 3.98.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Store Locator Type Plugin Vulnerable versions = 3.98.7 Fixed in 3.98.8 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47446 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 403399253298 Credits rezaduty Required...

WordPress Admin side data storage for Contact Form 7 Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Admin side data storage for Contact Form 7 Type Plugin Vulnerable versions = 1.1.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24420 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID dcc5858412a7...

WordPress WP Basic Elements Plugin <= 5.2.15 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Basic Elements Type Plugin Vulnerable versions = 5.2.15 Fixed in 5.3.0 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47139 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID ecb46d9d2adc Credits rezaduty Require...

WordPress Brilliance Theme <= 1.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Brilliance Type Theme Vulnerable versions = 1.3.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-28171 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 3d9a1effb3cc Credits Dave Jong Patchstack...

WordPress Regina Lite Theme <= 2.0.7 is vulnerable to Cross Site Scripting (XSS)

Software Regina Lite Type Theme Vulnerable versions = 2.0.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-27619 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID f6aa017d18b1 Credits Dave Jong Patchstack Required...

WordPress Popup Maker Plugin <= 1.17.1 is vulnerable to Broken Access Control

Software Popup Maker Type Plugin Vulnerable versions = 1.17.1 Fixed in 1.18.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-45819 Patch priority Low CVSS severity Low 3.5 Developer Claim ownership PSID 88c15bfdb17a Credits István Márton Required privileg...

WordPress WP Google Map Plugin Plugin <= 4.4.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Google Map Plugin Type Plugin Vulnerable versions = 4.4.2 Fixed in 4.4.3 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-28172 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 49e753e2af88 Credits Rafie Muhammad...

WordPress Robo Gallery Plugin <= 3.2.12 is vulnerable to Cross Site Scripting (XSS)

Software Robo Gallery Type Plugin Vulnerable versions = 3.2.12 Fixed in 3.2.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-27620 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0d689194a771 Credits Rafshanzani Suhada...