WordPress Mega Elements plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin Mega Elements versions = 1.1.9...

WordPress WP 2FA plugin <= 2.6.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin WP 2FA versions = 2.6.2...

WordPress WP Club Manager plugin <= 2.2.11 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by CatFather Patchstack Alliance in WordPress Plugin WP Club Manager versions = 2.2.11...

WordPress Z Y N I T H plugin <= 7.4.9 - Unauthenticated Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Z Y N I T H versions = 7.4.9...

WordPress eCommerce Product Catalog plugin <= 3.3.32 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin eCommerce Product Catalog versions = 3.3.32...

WordPress HurryTimer plugin <=2.9.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin HurryTimer versions = 2.9.2...

WordPress Knight Lab Timeline plugin <=3.9.3.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Knight Lab Timeline versions = 3.9.3.4...

WordPress Superfly Menu plugin <= 5.0.25 - Subscriber+ Site-Wide Stored Cross Site Scripting (XSS) vulnerability

Subscriber+ Site-Wide Stored Cross Site Scripting XSS vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Superfly Menu versions = 5.0.25...

WordPress Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Taggbox versions = 3.2...

WordPress PeproDev CF7 Database Plugin <= 1.8.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software PeproDev CF7 Database Type Plugin Vulnerable versions = 1.8.0 Fixed in 1.9.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-41864 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3d141a658694 Credits RE-ALTER...

WordPress Navigation menu as Dropdown Widget Plugin <= 1.3.4 is vulnerable to Cross Site Scripting (XSS)

Software Navigation menu as Dropdown Widget Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32126 Patch priority Low CVSS severity Low 5.9 Developer Jeroen Peters PSID 5c32e593787a Credits Joshua Chan Required...

WordPress Import Content in WordPress & WooCommerce with Excel Plugin <= 4.2 is vulnerable to Cross Site Scripting (XSS)

Software Import Content in WordPress & WooCommerce with Excel Type Plugin Vulnerable versions = 4.2 Fixed in 4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32585 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID 597c127e874d Credits...

WordPress Superfly Menu Plugin <= 5.0.25 is vulnerable to Cross Site Scripting (XSS)

Software Superfly Menu Type Plugin Vulnerable versions = 5.0.25 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32553 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6079596969f5 Credits Dave Jong Patchstack Required...

WordPress WP 404 Auto Redirect to Similar Post Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software WP 404 Auto Redirect to Similar Post Type Plugin Vulnerable versions = 1.0.4 Fixed in 1.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32559 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c85034ba240a Credits AtaTurk1925...

WordPress TeraWallet – For WooCommerce Plugin <= 1.5.0 is vulnerable to Cross Site Scripting (XSS)

Software TeraWallet – For WooCommerce Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32584 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 3858d275e8c9 Credits Joshua Chan Required...

WordPress WP Club Manager Plugin <= 2.2.11 is vulnerable to Cross Site Scripting (XSS)

Software WP Club Manager Type Plugin Vulnerable versions = 2.2.11 Fixed in 2.2.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-32566 Patch priority Low CVSS severity Low 6.5 Developer WP Club Manager PSID 673c46e5f536 Credits CatFather Required...

WordPress Ovic Responsive WPBakery Plugin <= 1.3.0 is vulnerable to Broken Access Control

Software Ovic Responsive WPBakery Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32142 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 35ffc13b78da Credits Skalucy Required...

WordPress Related Posts for WordPress plugin <= 4.0.3 - CSRF to XSS vulnerability

CSRF to XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Related Posts for WordPress versions = 4.0.3...

WordPress Netgsm plugin <= 2.8 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Netgsm versions = 2.8...

WordPress Bulk Block Converter plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Bulk Block Converter versions = 1.0.1...