WordPress Prodigy Commerce plugin <= 3.1.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Khalid Yusuf Patchstack Alliance in WordPress Plugin Prodigy Commerce versions = 3.1.2...

WordPress Advanced Options Editor plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Advanced Options Editor versions = 1.0...

WordPress Elite Notification plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Elite Notification versions = 1.5...

WordPress Board Document Manager from CHUHPL plugin <= 1.9.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Board Document Manager from CHUHPL versions = 1.9.1...

WordPress Advanced Control Manager plugin <= 2.16.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Advanced Control Manager for WordPress by ItalyStrap versions = 2.16.0...

WordPress Ni WooCommerce Order Export plugin <= 3.1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Ni WooCommerce Order Export versions = 3.1.6...

WordPress SV100 Companion plugin <= 2.0.02 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin SV100 Companion versions = 2.0.02...

WordPress Wot Elementor Widgets plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Wot Elementor Widgets versions = 1.0.1...

WordPress FAT Services Booking plugin <= 5.6 - Subscriber+ Site-Wide Cross Site Scripting (XSS) vulnerability

Subscriber+ Site-Wide Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin FAT Services Booking versions = 5.6...

WordPress ARForms plugin <= 6.4.1 - Subscriber+ Plugin Settings Change vulnerability

Subscriber+ Plugin Settings Change vulnerability discovered by Dave Jong Patchstack in WordPress Plugin ARForms versions = 6.4.1...

WordPress Revy plugin <= 1.18 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Revy versions = 1.18...

WordPress Magical Addons For Elementor plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Magical Addons For Elementor versions = 1.3.6...

WordPress Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin <= 1.5.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Borderless versions = 1.5.8...

WordPress WordPress Auction Plugin plugin <= 3.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin WordPress Auction Plugin versions = 3.7...

WordPress WPCasa plugin <= 1.2.13 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin WPCasa versions = 1.2.13...

WordPress FileBird Lite plugin <= 6.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Filebird versions = 6.3.2...

WordPress Pie Register Premium plugin < 3.8.3.3 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Pie Register Premium versions 3.8.3.3...

WordPress Pie Register Premium plugin < 3.8.3.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Pie Register Premium versions 3.8.3.3...

WordPress Acowebs Product Labels For Woocommerce plugin <= 1.5.8 - SQL Injection vulnerability

SQL Injection vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Plugin Product Labels For Woocommerce versions = 1.5.8...

WordPress Pinpoint Booking System plugin <= 2.9.9.5.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin Pinpoint Booking System versions = 2.9.9.5.1...