WordPress AccessPress Root theme <= 2.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress AccessPress Root theme versions = 2.5. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor...

WordPress Zigcy Cosmetics theme <= 1.0.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Zigcy Cosmetics theme versions = 1.0.5. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor...

WordPress Doko theme <= 1.0.27 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Doko theme versions = 1.0.27. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores the...

WordPress VMagazine Lite theme <= 1.3.5 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress VMagazine Lite theme versions = 1.3.5. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor...

WordPress Accesspress Basic theme <= 3.2.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Accesspress Basic theme versions = 3.2.1. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor...

WordPress The Monday theme <= 1.4.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress The Monday theme versions = 1.4.1. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores...

WordPress FotoGraphy theme <= 2.4.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress FotoGraphy theme versions = 2.4.0. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores...

WordPress Zigcy Lite theme <= 2.0.9 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Zigcy Lite theme versions = 2.0.9. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores...

WordPress Ripple theme <= 1.2.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Ripple theme versions = 1.2.0. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores the...

WordPress StoreVilla theme <= 1.4.1 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress StoreVilla theme versions = 1.4.1. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores...

WordPress ScrollMe theme <= 2.1.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress ScrollMe theme versions = 2.1.0. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores th...

WordPress Swing Lite theme <= 1.1.9 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Swing Lite theme versions = 1.1.9. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores...

WordPress Agency Lite theme <= 1.1.6 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Agency Lite theme versions = 1.1.6. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores...

WordPress ParallaxSome theme <= 1.3.6 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress ParallaxSome theme versions = 1.3.6. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignore...

WordPress Sakala theme <= 1.0.4 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Lenon Leite Patchstack Red Team project in WordPress Sakala theme versions = 1.0.4. This theme uses a vulnerable piece of code related to previously identified vulnerability - CVE-2021-39317. Solution Deactivate and delete. The vendor ignores the...

WordPress Hide My WP premium plugin <= 6.2.3 - Unauthenticated SQL injection (SQLi) vulnerability

Unauthenticated SQL injection SQLi vulnerability discovered by Dave Jong Patchstack in WordPress Hide My WP premium plugin versions = 6.2.3. Solution Update the WordPress Hide My WP premium plugin to the latest available version at least 6.2.4...

WordPress Backup Migration plugin <= 1.1.5 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Authenticated Persistent Cross-Site Scripting XSS vulnerability discovered by Vlad Visse Patchstack in WordPress Backup Migration plugin versions = 1.1.5. Solution Update the WordPress Backup Migration plugin to the latest available version at least 1.1.6...

WordPress Contact Form Entries plugin <= 1.2.3 - Multiple Authenticated Reflected Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Reflected Cross-Site Scripting XSS vulnerabilities discovered by Ex.Mi Patchstack in WordPress Contact Form Entries plugin versions = 1.2.3. Solution Update the WordPress Contact Form Entries plugin to the latest available version at least 1.2.4...

WordPress Contact Form Entries plugin <= 1.2.3 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Authenticated Persistent Cross-Site Scripting XSS vulnerability discovered by Ex.Mi Patchstack in WordPress Contact Form Entries plugin versions = 1.2.3. Solution Update the WordPress Contact Form Entries plugin to the latest available version at least 1.2.4...

WordPress Contact Form 7 Database Addon – CFDB7 plugin <= 1.2.5.9 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by Ex.Mi Patchstack in WordPress Contact Form 7 Database Addon – CFDB7 plugin versions = 1.2.5.9. Solution Update the WordPress Contact Form 7 Database Addon – CFDB7 plugin to the latest available version at least 1.2.6.1...