WordPress LH QR Codes plugin <= 1.06 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin LH QR Codes versions = 1.06...

WordPress Awesome Progress Bar plugin <= 1.0.13 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Awesome Progress Bar versions = 1.0.13...

WordPress Advanced Control Manager plugin <= 2.16.0 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by Gab Patchstack Alliance in WordPress Plugin Advanced Control Manager for WordPress by ItalyStrap versions = 2.16.0...

WordPress (dp) AddThis plugin <= 1.0.2 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin dp AddThis versions = 1.0.2...

WordPress Show Visitor IP Address plugin <= 0.2 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Show Visitor IP Address versions = 0.2...

WordPress Super Addons for Elementor Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Super Addons for Elementor Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51588 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c260921bb488 Credits Gab Required privilege...

WordPress ML Responsive Audio player with playlist Shortcode Plugin <= 0.2 is vulnerable to Cross Site Scripting (XSS)

Software ML Responsive Audio player with playlist Shortcode Type Plugin Vulnerable versions = 0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51573 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3027c5f59333 Credits SOPROBR...

WordPress Step by Step plugin <= 0.4.5 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Step by Step versions = 0.4.5...

WordPress World Prayer Time plugin <= 2.0 - CSRF to Reflected Cross Site Scripting (XSS) vulnerability

CSRF to Reflected Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin World Prayer Time versions = 2.0...

WordPress Stars SMTP Mailer plugin <= 2.2.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Stars SMTP Mailer versions = 2.2.1...

WordPress Training – Courses plugin <= 2.0.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Training – Courses versions = 2.0.1...

WordPress Administrator Z plugin < 2024.10.21 - SQL Injection vulnerability

SQL Injection vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Administrator Z versions 2024.10.21...

WordPress All Post Contact Form plugin <= 1.8.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin All Post Contact Form versions = 1.8.2...

WordPress Ancient World Linked Data plugin <= 0.2.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Zlrqh Patchstack Alliance in WordPress Plugin Ancient World Linked Data versions = 0.2.1...

WordPress Pricer Ninja plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Pricer Ninja versions = 2.1.0...

WordPress All Post Contact Form Plugin <= 1.7.8 is vulnerable to Arbitrary File Upload

Software All Post Contact Form Type Plugin Vulnerable versions = 1.7.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50523 Patch priority High CVSS severity High 10 Developer Claim ownership PSID f181d8f37094 Credits stealthcopter Required privilege...

WordPress Plug your WooCommerce into the largest catalog of customized print products from Helloprint Plugin <= 2.0.2 is vulnerable to Arbitrary File Upload

Software Plug your WooCommerce into the largest catalog of customized print products from Helloprint Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50525 Patch priority High CVSS severity High 10 Developer Claim...

WordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by ghsinfosec Patchstack Alliance in WordPress Plugin Woocommerce Product Design versions = 1.0.0...

WordPress DS.DownloadList plugin <= 1.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin DS.DownloadList versions = 1.3...

WordPress User Toolkit plugin <= 1.2.3 - Account Takeover vulnerability

Account Takeover vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin User Toolkit versions = 1.2.3...