WordPress Slider by 10Web plugin < 1.2.59 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Slider by 10Web versions 1.2.59...

WordPress Polls CP plugin <= 1.0.74 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Muhamad Agil Fachrian Patchstack Alliance in WordPress Plugin CP Polls versions = 1.0.74...

WordPress VR Calendar plugin <= 2.4.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Plugin VR Calendar versions = 2.4.0...

WordPress PDF Thumbnail Generator plugin <= 1.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin PDF Thumbnail Generator versions = 1.3...

WordPress plugin Music Request Manager 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Amelia plugin <= 1.2.4 - Missing Authorization to Sensitive Information Exposure vulnerability

Missing Authorization to Sensitive Information Exposure vulnerability discovered by Nadim Zubidat in WordPress Plugin Amelia versions = 1.2.4...

WordPress The Ultimate WordPress Toolkit – WP Extended plugin <= 3.0.8 - Authenticated (Subscriber+) Sensitive Information Exposure vulnerability

Authenticated Subscriber+ Sensitive Information Exposure vulnerability discovered by Marco Wotschka in WordPress Plugin The Ultimate WordPress Toolkit – WP Extended versions = 3.0.8...

Wordpress Ninja Forms plugin 3.8.6 - 3.8.10 - Reflected XSS

Wordpress Ninja Forms plugin 3.8.6 - 3.8.10 - Reflected XSS vulnerability discovered by Erwan LR WPScan in WordPress Plugin Ninja Forms versions 3.8.6-3.8.10...

WordPress Share This Image plugin <= 2.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via alignment Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via alignment Parameter vulnerability discovered by Francesco Carlucci in WordPress Plugin Share This Image versions = 2.01...

WordPress Visual Sound (old) plugin <= 1.06 - Settings Update via CSRF vulnerability

Settings Update via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Visual Sound old versions = 1.06...

WordPress infolinks Ad Wrap plugin <= 1.0.2 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Daniel Ruf in WordPress Plugin infolinks Ad Wrap versions = 1.0.2...

WordPress plugin Registrations for the Events Calendar SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A SQL injection vulnerability exists in WordPress plug...

WordPress WP Testimonial Widget plugin <= 3.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hnwmn Patchstack Alliance in WordPress Plugin WP Testimonial Widget versions = 3.1...

WordPress Icegram Engage plugin <= 3.1.25 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin Icegram versions = 3.1.25...

WordPress Download Plugins and Themes from Dashboard plugin <= 1.8.7 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Krzysztof Zając in WordPress Plugin Download Plugins and Themes from Dashboard versions = 1.8.7...

WordPress DL Robots.txt plugin <= 1.2 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin DL Robots.txt versions = 1.2...

WordPress ElementsKit Pro plugin <= 3.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin ElementsKit Pro versions = 3.6.5...

WordPress Themify Shortcodes plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Themify Shortcodes versions = 2.1.1...

WordPress Hummingbird plugin <= 3.9.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Hummingbird versions = 3.9.1...

WordPress Filter & Grids plugin <= 2.8.32 - Broken Authentication vulnerability

Broken Authentication vulnerability discovered by RE-ALTER Patchstack Alliance in WordPress Plugin Filter & Grids versions = 2.8.33...