WordPress WP Mailster plugin <= 1.8.16.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Lam Que Chi Patchstack Alliance in WordPress Plugin WP Mailster versions = 1.8.16.0...

WordPress WP Mailster plugin <= 1.8.16.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin WP Mailster versions = 1.8.16.0...

WordPress WP Mailster plugin <= 1.8.16.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin WP Mailster versions = 1.8.16.0...

WordPress WordPress Auction Plugin plugin <= 3.7 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin WordPress Auction Plugin versions = 3.7...

WordPress WordPress Portfolio Builder – Portfolio Gallery plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin WordPress Portfolio Builder – Portfolio Gallery versions = 1.1.7...

WordPress Random Banner plugin <= 4.2.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Random Banner versions = 4.2.11...

WordPress Smart Marketing SMS and Newsletters Forms plugin <= 5.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin Smart Marketing SMS and Newsletters Forms versions = 5.0.4...

WordPress SpatialMatch IDX plugin <= 3.0.9 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin SpatialMatch IDX versions = 3.0.9...

WordPress Donate Me plugin <= 1.2.5 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Donate Me versions = 1.2.5...

WordPress Pixobe Cartography plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Pixobe Cartography versions = 1.0.1...

WordPress Softtemplates For Elementor plugin <= 1.0.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Softtemplates For Elementor versions = 1.0.8...

WordPress WP Revisions Manager plugin <= 1.0.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Marek Mikita Patchstack Alliance in WordPress Plugin WP Revisions Manager versions = 1.0.2...

WordPress Capitalize My Title WordPress plugin <= 0.5.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Capitalize My Title versions = 0.5.3...

WordPress WP Find Your Nearest plugin <= 0.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin WP Find Your Nearest versions = 0.3.1...

WordPress Third Party Cookie Eraser plugin <= 1.0.2 - CSRF to Cross Site Scripting (XSS) vulnerability

CSRF to Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Third Party Cookie Eraser versions = 1.0.2...

WordPress PayPal Responder plugin <= 1.2 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin PayPal Responder versions = 1.2...

WordPress Post Carousel Slider for Elementor plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by ghsinfosec Patchstack Alliance in WordPress Plugin Post Carousel Slider for Elementor versions = 1.5.0...

WordPress Simple Popup plugin <= 4.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Simple Popup versions = 4.6...

WordPress Sugar Calendar (Lite) Plugin <= 3.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Sugar Calendar Lite Type Plugin Vulnerable versions = 3.3.0 Fixed in 3.4.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10878 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8ef7ef64f31f Credits Peter Thaleik...

WordPress Fence URL plugin <= 2.0.0 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Fence URL versions = 2.0.0...