WordPress Meow Gallery Plugin <= 5.1.3 is vulnerable to Cross Site Scripting (XSS)

Software Meow Gallery Type Plugin Vulnerable versions = 5.1.3 Fixed in 5.1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4386 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ff273a246878 Credits Krzysztof Zając Required...

WordPress Porto Theme - Functionality Plugin <= 3.1.0 is vulnerable to Local File Inclusion

Software Porto Theme - Functionality Type Plugin Vulnerable versions = 3.1.0 Fixed in 3.1.1 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-3808 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 05d6982e8315 Credits István Márton Required privileg...

WordPress Pure Chat Plugin <= 2.22 is vulnerable to Cross Site Scripting (XSS)

Software Pure Chat Type Plugin Vulnerable versions = 2.22 Fixed in 2.23 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3595 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ddb44562eab6 Credits Lucio Sá Required privileg...

WordPress XML Sitemap & Google News Plugin <= 5.4.8 is vulnerable to Local File Inclusion

Software XML Sitemap & Google News Type Plugin Vulnerable versions = 5.4.8 Fixed in 5.4.9 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-4441 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID c001486d4aed Credits Foxyyy Required privilege...

WordPress Social Connect Plugin <= 1.2 is vulnerable to Privilege Escalation

Software Social Connect Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A8: Software and Data Integrity Failures Classification Privilege Escalation CVE CVE-2024-4393 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID cb56af432b5b Credits István Márton...

WordPress Visual Footer Credit Remover Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software Visual Footer Credit Remover Type Plugin Vulnerable versions = 1.2 Fixed in 1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2846 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 265b4eed7803 Credits 1337Wannabe...

WordPress Shared Counts Plugin <= 1.4.1 is vulnerable to Broken Access Control

Software Shared Counts Type Plugin Vulnerable versions = 1.4.1 Fixed in 1.5.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9dd902d0b809 Credits N/A Required privilege Unauthenticated...

WordPress Better Elementor Addons Plugin <=1.4.4 is vulnerable to Cross Site Scripting (XSS)

Software Better Elementor Addons Type Plugin Vulnerable versions =1.4.4 Fixed in 1.4.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34432 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 61226b685883 Credits 4rCanJ0x! Required privilege...

WordPress Content Blocks (Custom Post Widget) Plugin <= 3.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Content Blocks Custom Post Widget Type Plugin Vulnerable versions = 3.3.0 Fixed in 3.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34566 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c437cf336c56 Credits Ngô Thiên An ancorn...

WordPress Zotpress Plugin <= 7.3.9 is vulnerable to Cross Site Scripting (XSS)

Software Zotpress Type Plugin Vulnerable versions = 7.3.9 Fixed in 7.3.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34569 Patch priority Low CVSS severity Low 6.5 Developer Katie Seaborn PSID 7fcedeab8bd4 Credits LVT-tholv2k Required privilege Contributor...

WordPress Fancy Elementor Flipbox Plugin <= 2.5.2 is vulnerable to Cross Site Scripting (XSS)

Software Fancy Elementor Flipbox Type Plugin Vulnerable versions = 2.5.2 Fixed in 2.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34572 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6fdd1efa32f5 Credits Khalid Yusuf Required privileg...

WordPress Counter Up Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Counter Up Type Plugin Vulnerable versions = 2.2.1 Fixed in 2.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34564 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0c39c66bb9f2 Credits LVT-tholv2k Required privilege Contributor...

WordPress Stockholm Theme <= 9.6 is vulnerable to Local File Inclusion

Software Stockholm Type Theme Vulnerable versions = 9.6 Fixed in 9.7 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-34552 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 85b9ed51ce3f Credits Rafie Muhammad Patchstack Required privilege...

WordPress Gold Addons for Elementor Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS)

Software Gold Addons for Elementor Type Plugin Vulnerable versions = 1.2.9 Fixed in 1.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34563 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4ec8bc999d21 Credits Khalid Yusuf Required...

WordPress SKT Addons for Elementor Plugin <=1.8 is vulnerable to Cross Site Scripting (XSS)

Software SKT Addons for Elementor Type Plugin Vulnerable versions =1.8 Fixed in 1.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34436 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 346a6441540d Credits 4rCanJ0x! Required privilege...

WordPress Move Addons for Elementor Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Move Addons for Elementor Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34562 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 788c0e0d4eae Credits Khalid Yusuf Required...

WordPress Himalayas Theme <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Himalayas Type Theme Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34571 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dd02f673cbfe Credits stealthcopter Required privilege Contributor...

WordPress Ultimate Store Kit Elementor Addons Plugin <= 2.0.3 is vulnerable to PHP Object Injection

Software Ultimate Store Kit Elementor Addons Type Plugin Vulnerable versions = 2.0.3 Fixed in 2.0.4 OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-4606 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 46e7a74eebcc Credits Ray Wilson Requir...

WordPress Stockholm Theme <= 9.6 is vulnerable to Local File Inclusion

Software Stockholm Type Theme Vulnerable versions = 9.6 Fixed in 9.7 OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-34551 Patch priority High CVSS severity High 9 Developer Claim ownership PSID ba79b1de262f Credits Rafie Muhammad Patchstack Required privilege...

WordPress WP Photo Album Plus Plugin <= 8.7.01.001 is vulnerable to Arbitrary File Upload

Software WP Photo Album Plus Type Plugin Vulnerable versions = 8.7.01.001 Fixed in 8.7.01.002 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-31377 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 6676bd224b42 Credits stealthcopter Required...