WordPress Download Manager plugin <= 3.2.82 - File Password Lock Bypass vulnerability

File Password Lock Bypass vulnerability discovered by Liu Shaohong Patchstack Alliance in WordPress Plugin Download Manager versions = 3.2.82...

WordPress BA Book Everything plugin <= 1.6.4 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Thanh Nam Tran Patchstack Alliance in WordPress Plugin BA Book Everything versions = 1.6.4...

WordPress User Activity Log Pro Plugin <= 2.3.4 is vulnerable to SQL Injection

Software User Activity Log Pro Type Plugin Vulnerable versions = 2.3.4 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-32137 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 2210c42a0a13 Credits Dave Jong Patchstack Required privilege...

WordPress Fatal Error Notify Plugin <= 1.5.2 is vulnerable to Broken Access Control

Software Fatal Error Notify Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-32455 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6f9eea9e690c Credits Abdi Pranata Required...

WordPress Leadinfo plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin Leadinfo versions = 1.0...

WordPress Finale Lite plugin <= 2.18.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Finale Lite versions = 2.18.0...

WordPress WP Compress plugin <= 6.10.35 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin WP Compress versions = 6.10.35...

WordPress TOP Table Of Contents plugin <= 1.3.15 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin TOP Table Of Contents versions = 1.3.15...

WordPress Crony Cronjob Manager plugin <= 0.5.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Majed Refaea Patchstack Alliance in WordPress Plugin Crony Cronjob Manager versions = 0.5.0...

WordPress Advanced Page Visit Counter plugin <= 8.0.6 - Auth. SQL Injection (SQLi) vulnerability

Auth. SQL Injection SQLi vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Advanced Page Visit Counter versions = 8.0.6...

WordPress GEO my WordPress plugin <= 4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin GEO my WordPress versions = 4.1...

WordPress Citadela Listing plugin < 5.20.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Citadela Listing versions 5.20.0...

WordPress Easy Logo plugin <= 1.9.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Cronus Patchstack Alliance in WordPress Plugin Easy Logo versions = 1.9.3...

WordPress Search Keyword Redirect plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sharanabasappa Patchstack Alliance in WordPress Plugin Search Keyword Redirect versions = 1.0...

WordPress NextMove Lite Plugin <= 2.18.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software NextMove Lite Type Plugin Vulnerable versions = 2.18.1 Fixed in 2.18.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32104 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 05bc79c592e5 Credits Dhabaleshwar Das...

WordPress X-T9 theme <= 1.19.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme X-T9 versions = 1.19.0...

WordPress Simple Post Notes plugin <= 1.7.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Brandon Roldan Patchstack Alliance in WordPress Plugin Simple Post Notes versions = 1.7.6...

WordPress Blocksy Companion plugin <= 2.0.28 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by FearZzZz Patchstack Alliance in WordPress Plugin Blocksy Companion versions = 2.0.28...

WordPress Top Bar plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Joel Indra Patchstack Alliance in WordPress Plugin Top Bar versions = 3.0.5...

WordPress WP Login and Logout Redirect plugin <= 1.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin WP Login and Logout Redirect versions = 1.2...