WordPress WP Compress plugin <= 6.20.13 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin WP Compress versions = 6.20.13...

WordPress Page-list plugin <= 5.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by kslatz Patchstack Alliance in WordPress Plugin Page-list versions = 5.6...

WordPress Web Directory Free plugin <= 1.7.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Certus Cybersecurity Patchstack Alliance in WordPress Plugin Web Directory Free versions = 1.7.3...

WordPress Author Avatars List/Block plugin <= 2.1.21 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0tter Patchstack Alliance in WordPress Plugin Author Avatars List/Block versions = 2.1.21...

WordPress Social Auto Poster plugin <= 5.3.15 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Social Auto Poster versions = 5.3.15...

WordPress Blockspare plugin <= 3.2.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NGÔ THIÊN AN Patchstack Alliance in WordPress Plugin Blockspare versions = 3.2.4...

WordPress Depicter plugin <= 3.2.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Depicter Slider versions = 3.2.2...

WordPress Popup Maker plugin <= 1.19.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Popup Maker versions = 1.19.2...

WordPress LiteSpeed Cache plugin <= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by TaiYou Patchstack Alliance in WordPress Plugin LiteSpeed Cache versions = 6.5.0.2...

WordPress WP Bulk Delete plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin WP Bulk Delete versions = 1.3.1...

WordPress YITH WooCommerce Ajax Search plugin <= 2.8.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin YITH WooCommerce Ajax Search versions = 2.8.0...

WordPress WPMobile.App plugin <= 11.50 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin WPMobile.App versions = 11.50...

WordPress WPMobile.App Plugin <= 11.50 is vulnerable to Cross Site Scripting (XSS)

Software WPMobile.App Type Plugin Vulnerable versions = 11.50 Fixed in 11.51 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47349 Patch priority Medium CVSS severity Medium 7.1 Developer Amauri.IO PSID 2b4c2451b882 Credits Le Ngoc Anh Required privilege...

WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.121 is vulnerable to Cross Site Scripting (XSS)

Software Unlimited Elements For Elementor Free Widgets, Addons, Templates Type Plugin Vulnerable versions = 1.5.121 Fixed in 1.5.122 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-45454 Patch priority Medium CVSS severity Medium 7.1 Developer Unlimited Elements PS...

WordPress Depicter Slider Plugin <= 3.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Depicter Slider Type Plugin Vulnerable versions = 3.2.2 Fixed in 3.5.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47381 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c88e18af2d73 Credits savphill Required privilege Editor...

WordPress Elementor Addon Elements Plugin <= 1.13.6 is vulnerable to Broken Access Control

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.13.6 Fixed in 1.13.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47361 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID 2e7a1c5b31a1 Credits Rafie Muhammad Patchstack...

WordPress EU/UK VAT Manager for WooCommerce Plugin <= 2.12.12 is vulnerable to Cross Site Scripting (XSS)

Software EU/UK VAT Manager for WooCommerce Type Plugin Vulnerable versions = 2.12.12 Fixed in 2.12.14 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8788 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6156bb422739...

WordPress TinyPNG Plugin <= 3.4.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software TinyPNG Type Plugin Vulnerable versions = 3.4.3 Fixed in 3.4.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-47635 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 9470f9a7ceb0 Credits Rafie Muhammad Patchstack...

WordPress Automatically Hierarchic Categories in Menu Plugin <= 2.0.5 is vulnerable to Cross Site Scripting (XSS)

Software Automatically Hierarchic Categories in Menu Type Plugin Vulnerable versions = 2.0.5 Fixed in 2.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47365 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f5046a3cf120 Credits theviper17...

WordPress Newsletters plugin <= 4.9.9.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Newsletters versions = 4.9.9.1...