WordPress Tainacan plugin <= 0.21.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Tainacan versions = 0.21.3...

WordPress Elegant Blocks – Amazing Gutenberg Blocks plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Elegant Blocks versions = 1.7...

WordPress Fastly plugin <= 1.2.25 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Fastly versions = 1.2.25...

WordPress ChaosTheory theme <= 1.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme ChaosTheory versions = 1.3...

WordPress ChaosTheory Theme <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software ChaosTheory Type Theme Vulnerable versions = 1.3 Fixed in 1.3.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34766 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 5aa9368a599f Credits Rafie Muhammad Patchstack Required...

WordPress Elegant Blocks Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Software Elegant Blocks Type Plugin Vulnerable versions = 1.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34769 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7e0e4f032069 Credits 4rCanJ0x! Required privilege Contributor...

WordPress Magazine Blocks plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Magazine Blocks versions = 1.3.6...

WordPress Picture Gallery plugin <= 1.5.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rayhan Ramdhany Hanaputra Patchstack Alliance in WordPress Plugin Picture Gallery versions = 1.5.11...

WordPress FundEngine – Donation and Crowdfunding Platform plugin <= 1.6.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin FundEngine versions = 1.6.4...

WordPress Radio Player plugin <= 2.0.73 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Radio Player versions = 2.0.73...

WordPress Landing Page Builder <= 1.5.1.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Landing Page Builder versions = 1.5.1.8...

WordPress Popup – Popup More Popups plugin <= 2.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Rayhan Ramdhany Hanaputra Patchstack Alliance in WordPress Plugin Popup More Popups versions = 2.3.1...

WordPress Borderless Plugin <= 1.5.7 is vulnerable to Cross Site Scripting (XSS)

Software Borderless Type Plugin Vulnerable versions = 1.5.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34757 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6690481ece90 Credits Khalid Yusuf Required privilege Contributor...

WordPress Clearfy Cache plugin <= 2.3.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Clearfy Cache versions = 2.3.2...

WordPress JCH Optimize plugin <= 4.2.0 - Path Traversal vulnerability

Path Traversal vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin JCH Optimize versions = 4.2.0...

WordPress Niveau theme 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Niveau versions = 1.0.8...

WordPress Kognetiks Chatbot for WordPress plugin <= 2.0.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Kognetiks Chatbot for WordPress versions = 2.0.0...

WordPress Blocksy Companion Plugin <= 2.0.45 is vulnerable to Cross Site Scripting (XSS)

Software Blocksy Companion Type Plugin Vulnerable versions = 2.0.45 Fixed in 2.0.46 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4487 Patch priority Low CVSS severity Low 6.5 Developer Creative Themes PSID 47cc317dca12 Credits wesley wcraft Requir...

WordPress JCH Optimize Plugin <= 4.2.0 is vulnerable to Path Traversal

Software JCH Optimize Type Plugin Vulnerable versions = 4.2.0 Fixed in 4.2.1 OWASP Top 10 A6: Security Misconfiguration Classification Path Traversal CVE CVE-2024-34808 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 076d61af6638 Credits Dhabaleshwar Das Required...

WordPress Gutenify plugin <= 1.4.0 - Sensitive Data Exposure via API vulnerability

Sensitive Data Exposure via API vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Gutenify versions = 1.4.0...