WordPress Awesome Support plugin <= 6.3.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Awesome Support versions = 6.3.1...

WordPress plugin WP Custom Admin Interface 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin wpForo Forum 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Blaze Online eParcel for WooCommerce plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin Blaze Online eParcel for WooCommerce versions = 1.3.3...

WordPress ARMember plugin <= 4.0.51 - Authenticated (Subscriber+) Arbitrary Shortcode Execution vulnerability

Authenticated Subscriber+ Arbitrary Shortcode Execution vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin ARMember versions = 4.0.51...

WordPress FV Flowplayer Video Player plugin <= 7.5.47.7212 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via FancyBox JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin FV Flowplayer Video Player versions = 7.5.47.7212...

WordPress Maspik plugin <= 2.2.7 - CSRF to Settings Change vulnerability

CSRF to Settings Change vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Maspik – Spam blacklist versions = 2.2.7...

WordPress Photo Video Store plugin <= 21.07 - CSRF to Cross Site Scripting (XSS) vulnerability

CSRF to Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Photo Video Store versions = 21.07...

WordPress WP Find Your Nearest plugin <= 0.3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin WP Find Your Nearest versions = 0.3.1...

WordPress CRM Perks plugin <= 1.1.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin CRM Perks versions = 1.1.5...

WordPress GEO My WordPress plugin < 4.5 - Admin+ Arbitrary File Upload vulnerability

Admin+ Arbitrary File Upload vulnerability discovered by Michael Dyrna in WordPress Plugin GEO my WordPress versions 4.5...

WordPress Sticky Social Icons plugin <= 1.2.1 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by UKO Patchstack Alliance in WordPress Plugin Sticky Social Icons versions = 1.2.1...

WordPress plugin Post SMTP SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress Razorpay Payment Button for Elementor plugin <= 1.2.5 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Razorpay Payment Button Elementor Plugin versions = 1.2.5...

WordPress plugin LH QR Codes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin WooCommerce Support Ticket System 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A path traversal vulnerability exis...

WordPress plugin Selar.Co Widget 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

WordPress Quform plugin <= 2.20.0 - Unauthenticated Sensitive Information Exposure vulnerability

Unauthenticated Sensitive Information Exposure vulnerability discovered by shaman0x01 in WordPress Plugin Quform versions = 2.20.0...

WordPress Embed documents shortcode plugin <= 1.5 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Embed documents shortcode versions = 1.5...

WordPress WP Listings Pro plugin <= 3.0.14 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin WP Listings Pro versions = 3.0.14...