WordPress Knowledge Base plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Knowledge Base versions = 2.2.0...

WordPress Amazon Associate Filter plugin <= 0.4 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Amazon Associate Filter versions = 0.4...

WordPress plugin The Post Grid 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin The Post Grid 安全漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Aajoda Testimonials plugin <= 2.2.2 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Aajoda Testimonials versions = 2.2.2...

WordPress Blrt WP Embed plugin <= 1.6.9 - SQL Injection vulnerability

SQL Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Blrt WP Embed versions = 1.6.9...

WordPress Amilia Store plugin <= 2.9.8 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Amilia Store versions = 2.9.8...

CVE-2024-10189

The Anchor Episodes Index Spotify for Podcasters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's anchorepisodes shortcode in all versions up to, and including, 2.1.10 due to insufficient input sanitization and output escaping on user supplied attributes. This...

WordPress plugin SiteBuilder Dynamic Components 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPres...

WordPress RSS Feed Widget plugin <= 2.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via rfw-youtube-videos Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via rfw-youtube-videos Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin RSS Feed Widget versions = 2.9.9...

WordPress Edwiser Bridge plugin <= 3.0.7 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Plugin Edwiser Bridge versions = 3.0.7...

WordPress plugin Embed PDF Viewer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plug-in. WordPress plugin Embed PDF Viewer...

WordPress Relevanssi plugin < 4.23.1 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Relevanssi versions 4.23.1...

WordPress PWA plugin <= 1.6.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via SVG File Upload vulnerability discovered by Francesco Carlucci in WordPress Plugin PWA versions = 1.6.3...

Denial Of Service (DoS)

Mattermost is vulnerable to Denial of Service DoS. The vulnerability is due to Mattermost failing to properly check plugin versions when installed from the Marketplace, allowing authorized users to install outdated versions with known vulnerabilities...

WordPress Zoho forms plugin <= 4.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Zoho Forms versions = 4.0...

WordPress Slider by 10Web plugin < 1.2.59 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Slider by 10Web versions 1.2.59...

WordPress Polls CP plugin <= 1.0.74 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Muhamad Agil Fachrian Patchstack Alliance in WordPress Plugin CP Polls versions = 1.0.74...

WordPress VR Calendar plugin <= 2.4.0 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Plugin VR Calendar versions = 2.4.0...

WordPress PDF Thumbnail Generator plugin <= 1.3 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin PDF Thumbnail Generator versions = 1.3...