WordPress Woocommerce Product Design Plugin <= 1.0.0 is vulnerable to Arbitrary File Deletion

Software Woocommerce Product Design Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Deletion CVE CVE-2024-50509 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 072219981f36 Credits ghsinfosec...

WordPress AR For Woocommerce Plugin <= 6.2 is vulnerable to Arbitrary File Upload

Software AR For Woocommerce Type Plugin Vulnerable versions = 6.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50510 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 0f17a15dfdf4 Credits João Pedro S Alcântara Kinorth Required...

WordPress WP Query Console plugin <= 1.0 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin WP Query Console versions = 1.0...

WordPress Sudan Payment Gateway for WooCommerce plugin <= 1.2.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Sudan Payment Gateway for WooCommerce versions = 1.2.2...

WordPress Automatic Translation plugin <= 1.0.4 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Automatic Translation versions = 1.0.4...

WordPress ScottCart plugin <= 1.1 - Remote Code Execution (RCE) vulnerability

Remote Code Execution RCE vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin ScottCart versions = 1.1...

WordPress Token Login plugin <= 1.0.3 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Token Login versions = 1.0.3...

WordPress Exam Matrix plugin <= 1.5 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by ghsinfosec Patchstack Alliance in WordPress Plugin Exam Matrix versions = 1.5...

WordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Multi Purpose Mail Form versions = 1.0.2...

WordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Woocommerce Product Design versions = 1.0.0...

WordPress Bstone Demo Importer plugin <= 1.0.1 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Bstone Demo Importer versions = 1.0.1...

WordPress Marketing Automation by AZEXO plugin <= 1.27.80 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin Marketing Automation by AZEXO versions = 1.27.80...

WordPress 1-Click Login: Passwordless Authentication plugin 1.4.5 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin 1-Click Login: Passwordless Authentication versions 1.4.5...

WordPress Token Login Plugin <= 1.0.3 is vulnerable to Broken Authentication

Software Token Login Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-50488 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 18531b1d1720 Credits stealthcopte...

WordPress Automatic Translation Plugin <= 1.0.4 is vulnerable to Arbitrary File Upload

Software Automatic Translation Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50493 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 232ff15e2c6e Credits stealthcopter Required privilege...

WordPress Stacks Mobile App Builder Plugin <= 5.2.3 is vulnerable to Broken Authentication

Software Stacks Mobile App Builder Type Plugin Vulnerable versions = 5.2.3 Fixed in N/A OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-50477 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 02ff662824ca Credit...

WordPress Raptor Editor plugin <= 1.0.20 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Raptor Editor versions = 1.0.20...

WordPress Premium SEO Pack plugin <= 1.6.001 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Premium SEO Pack versions = 1.6.001...

WordPress Interactive World Map plugin <= 3.4.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Sc1duck Patchstack Alliance in WordPress Plugin Interactive World Map versions = 3.4.4...

WordPress EmbedPress plugin <= 4.0.14 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Thanayut Maktheppongt Patchstack Alliance in WordPress Plugin EmbedPress versions = 4.0.14...