WordPress Real3D Flipbook PDF Viewer Lite plugin <= 3.71 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin Real 3D FlipBook versions = 3.71...

WordPress gee Search Plus plugin <= 1.4.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin gee Search Plus versions = 1.4.4...

WordPress WOLF plugin <=1.0.8.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Elmini Patchstack Alliance in WordPress Plugin WOLF versions = 1.0.8.2...

WordPress Stockholm Core plugin <= 2.4.1 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Stockholm Core versions = 2.4.1...

WordPress Stockholm theme <= 9.6 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme Stockholm versions = 9.6...

WordPress WP Job Manager plugin <= 2.2.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin WP Job Manager versions = 2.2.2...

WordPress All-in-One Addons for Elementor – WidgetKit plugin <= 2.4.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Ray Wilson Patchstack Alliance in WordPress Plugin WidgetKit versions = 2.4.8...

WordPress weDocs plugin <= 2.1.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin weDocs versions = 2.1.4...

WordPress Easy Affiliate Links plugin <= 3.7.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin Easy Affiliate Links versions = 3.7.2...

WordPress DS Site Message plugin <= 1.14.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by umi Patchstack Alliance in WordPress Plugin DS Site Message versions = 1.14.4...

WordPress AI Engine plugin <= 2.2.63 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin AI Engine versions = 2.2.63...

WordPress Form Maker by 10Web plugin <= 1.15.24 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Huynh Tien Si Patchstack Alliance in WordPress Plugin Form Maker by 10Web versions = 1.15.24...

WordPress Aiomatic plugin <= 1.9.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Aiomatic versions = 1.9.3...

WordPress Better Elementor Addons plugin <=1.4.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Better Elementor Addons versions = 1.4.4...

WordPress One Click Demo Import Plugin <= 3.2.0 is vulnerable to PHP Object Injection

Software One Click Demo Import Type Plugin Vulnerable versions = 3.2.0 Fixed in 3.2.1 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-34433 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID a0133f0acd1f Credits ngductung Patchstack Alliance Requir...

WordPress Stockholm Core Plugin <= 2.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Stockholm Core Type Plugin Vulnerable versions = 2.4.1 Fixed in 2.4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34553 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6ee301c14ad2 Credits Rafie Muhammad Patchstack Require...

WordPress Aiomatic Plugin <= 1.9.3 is vulnerable to Broken Access Control

Software Aiomatic Type Plugin Vulnerable versions = 1.9.3 Fixed in 1.9.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-34435 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5637a4c44c26 Credits Ananda Dhakal Patchstack Required...

WordPress AI Engine: ChatGPT Chatbot Plugin <= 2.2.63 is vulnerable to Arbitrary File Upload

Software AI Engine: ChatGPT Chatbot Type Plugin Vulnerable versions = 2.2.63 Fixed in 2.2.70 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-34440 Patch priority Medium CVSS severity Medium 9.1 Developer Claim ownership PSID a15a1b99d985 Credits stealthcopter Required...

WordPress Brozzme Scroll Top plugin <= 1.8.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Brozzme Scroll Top versions = 1.8.5...

WordPress Featured Content Gallery plugin <= 3.2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin Featured Content Gallery versions = 3.2.0...