WordPress Simple Baseball Scoreboard plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Simple Baseball Scoreboard versions = 1.3...

WordPress Restaurant Reservations Widget Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software Restaurant Reservations Widget Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-48023 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f10452fd1d3d Credits Mika Required privile...

WordPress Contact Form Widget Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software Contact Form Widget Type Plugin Vulnerable versions = 1.4.2 Fixed in 1.4.3 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-48037 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 5cb5ac9f9e50 Credits Abdi Pranata...

WordPress Backup and Staging by WP Time Capsule plugin <= 1.22.21 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Backup and Staging by WP Time Capsule versions = 1.22.21...

WordPress Shortcode For Elementor Templates Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Shortcode For Elementor Templates Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-48022 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b8dd15551ed8 Credits ghsinfosec Required...

WordPress Auto iFrame Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Software Auto iFrame Type Plugin Vulnerable versions = 1.7 Fixed in 1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9449 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 731554979a26 Credits tjoffe Required privilege Author...

WordPress Contact Form 7 – PayPal & Stripe Add-on Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form 7 – PayPal & Stripe Add-on Type Plugin Vulnerable versions = 2.3 Fixed in 2.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-48021 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0e2541d5dd28 Credits Le Ngoc An...

WordPress PDF Image Generator Plugin <= 1.5.6 is vulnerable to Cross Site Scripting (XSS)

Software PDF Image Generator Type Plugin Vulnerable versions = 1.5.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9241 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 787de1e230e7 Credits vgo0 Required...

WordPress WP Search Analytics Plugin <= 1.4.10 is vulnerable to Cross Site Scripting (XSS)

Software WP Search Analytics Type Plugin Vulnerable versions = 1.4.10 Fixed in 1.4.11 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9209 Patch priority Medium CVSS severity Medium 7.1 Developer Cornel Raiu PSID 95b75262f4d2 Credits vgo0 Required...

WordPress Copyscape Premium plugin <= 1.3.9 - CSRF to Stored Cross-Site Scripting vulnerability

CSRF to Stored Cross-Site Scripting vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Copyscape Premium versions = 1.3.9...

WordPress LiteSpeed Cache plugin <= 6.4.1 - Path Traversal vulnerability

Path Traversal vulnerability discovered by TaiYou Patchstack Alliance in WordPress Plugin LiteSpeed Cache versions = 6.4.1...

WordPress WP JobSearch plugin <= 2.5.9 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin JobSearch versions = 2.5.9...

WordPress TinyPNG plugin <= 3.4.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin TinyPNG versions = 3.4.3...

WordPress DethemeKit For Elementor plugin <= 2.1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin DethemeKit For Elementor versions = 2.1.7...

WordPress WP Travel Gutenberg Blocks plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin WP Travel Gutenberg Blocks versions = 3.6.0...

WordPress Gallery Lightbox plugin <= 1.0.0.39 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Gallery Lightbox versions = 1.0.0.39...

WordPress Advanced Woo Labels plugin <= 2.01 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin Advanced Woo Labels versions = 2.01...

WordPress Quill Forms plugin <= 3.7.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Quill Forms versions = 3.7.0...

WordPress Unlimited Elements for Elementor plugin <= 1.5.121 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 1.5.121...

WordPress Search Atlas SEO plugin <= 1.8.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Robert DeVore Patchstack Alliance in WordPress Plugin Search Atlas SEO versions = 1.8.2...