WordPress Simple Video Directory plugin < 1.4.3 - Unauthenticated SQLi vulnerability

Unauthenticated SQLi vulnerability discovered by Project Black in WordPress Plugin Simple Video Directory versions 1.4.3...

WordPress Profile Builder plugin <= 3.12.0 - Admin+ Stored Cross Site Scripting vulnerability

Admin+ Stored Cross Site Scripting vulnerability discovered by John Castro in WordPress Plugin Profile Builder versions = 3.12.0...

WordPress kbucket plugin < 4.1.5 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Bob Matyas in WordPress Plugin KBucket versions 4.1.5...

WordPress Clasify Classified Listing plugin <= 1.0.7 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Clasify Classified Listing versions = 1.0.7...

WordPress JSP Store Locator plugin <= 1.0 - Contributor+ SQL Injection vulnerability

Contributor+ SQL Injection vulnerability discovered by Régis SENET in WordPress Plugin JSP Store Locator versions = 1.0...

WordPress Sailthru Triggermail plugin < 1.1 - Subscriber+ Stored XSS vulnerability

Subscriber+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Sailthru Triggermail versions 1.1...

WordPress ARForms Builder plugin < 1.7.1 - Unauthenticated Stored XSS vulnerability

Unauthenticated Stored XSS vulnerability discovered by Malek Althubiany in WordPress Plugin ARForms Form Builder versions 1.7.1...

WordPress Hubbub Lite plugin < 1.34.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Hubbub Lite versions 1.34.4...

WordPress Wise Chat plugin <= 3.3.3 - Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability

Unauthenticated Sensitive Information Exposure Through Unprotected Directory vulnerability discovered by Tim Coen in WordPress Plugin Wise Chat versions = 3.3.2...

WordPress Wishlist plugin <= 2.1.0 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Wishlist versions = 2.1.0...

WordPress CSS3 Accordions for WordPress plugin <= 3.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin CSS3 Accordions for WordPress versions = 3.0...

WordPress Responsive HTML5 Audio Player PRO With Playlist plugin <= 3.5.7 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Responsive HTML5 Audio Player PRO With Playlist versions = 3.5.7...

WordPress CountDown Pro WP Plugin <= 2.7 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin CountDown Pro WP Plugin versions = 2.7...

WordPress Ads Pro plugin <= 5.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Ads Pro versions = 5.0...

WordPress RS WP Book Showcase plugin <= 6.7.57 - Content Injection vulnerability

Content Injection vulnerability discovered by theviper17 in WordPress Plugin RS WP Book Showcase versions = 6.7.57...

WordPress 6Storage Rentals plugin <= 2.20.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Martino Spagnuolo r3verii in WordPress Plugin 6Storage Rentals versions = 2.20.1...

WordPress Arconix Shortcodes plugin <= 2.1.16 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Arconix Shortcodes versions = 2.1.16...

WordPress Travelpayouts plugin < 1.1.14 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Krzysztof Zając CERT PL in WordPress Plugin Travelpayouts versions 1.1.14...

The vulnerability of the setMacQos function in the /lib/cste_modules/firewall.so module of the TOTOLINK A3100R router’s software allows a attacker to cause a service failure.

The vulnerability of the setMacQos function in the /lib/cstemodules/firewall.so module of the TOTOLINK A3100R router’s software is related to buffer overflows in the stack when processing the priority parameter. Exploiting this vulnerability can allow an attacker to cause service interruptions by...

WordPress Experto CTA Widget – Call To Action, Sticky CTA, Floating Button Plugin <= 1.1.1 - Settings Change Vulnerability

Settings Change Vulnerability discovered by ch4r0n in WordPress Plugin Experto CTA Widget Call To Action, Sticky CTA, Floating Button Plugin versions = 1.1.1...