1527 matches found
WordPress WPLMS Theme <= 4.962 is vulnerable to Path Traversal
Software WPLMS Type Theme Vulnerable versions = 4.962 Fixed in 4.963 OWASP Top 10 A3: Injection Classification Path Traversal CVE CVE-2024-10470 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 63557cc0ea32 Credits Foxyyy Required privilege Unauthenticated Published 8...
WordPress Super Socializer Plugin <= 7.13.68 is vulnerable to Broken Authentication
Software Super Socializer Type Plugin Vulnerable versions = 7.13.68 Fixed in 7.14 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9946 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 3feff8ece72e Credits wesle...
WordPress Heateor Social Login Plugin <= 1.1.35 is vulnerable to Broken Authentication
Software Heateor Social Login Type Plugin Vulnerable versions = 1.1.35 Fixed in 1.1.36 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10020 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0cb2e3c4d2f1 Credits...
WordPress Loginizer Security Plugin <= 1.9.2 is vulnerable to Broken Authentication
Software Loginizer Security Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10097 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 39d130db7003 Credits...
WordPress Don't Break The Code Plugin <= .3.1 is vulnerable to Cross Site Scripting (XSS)
Software Don't Break The Code Type Plugin Vulnerable versions = .3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51779 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e5611bdb41d7 Credits João Pedro S Alcântara Kinorth...
WordPress Otter - Gutenberg Block Plugin <= 3.0.3 is vulnerable to Broken Access Control
Software Otter - Gutenberg Block Type Plugin Vulnerable versions = 3.0.3 Fixed in 3.0.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-51671 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID 1f22a7b87ab8 Credits Rafie Muhammad...
WordPress Paytium Plugin <= 4.4.10 is vulnerable to Broken Access Control
Software Paytium Type Plugin Vulnerable versions = 4.4.10 Fixed in 4.4.11 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-51667 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f67b49ade6f3 Credits Trương Hữu Phúc truonghuuphuc...
WordPress BetterLinks Plugin <= 2.1.7 is vulnerable to SQL Injection
Software BetterLinks Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-51672 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 159a4550c364 Credits Marek Mikita Required privilege Administrator Publish...
WordPress WP Hotel Booking Plugin <= 2.1.4 is vulnerable to Local File Inclusion
Software WP Hotel Booking Type Plugin Vulnerable versions = 2.1.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2024-51582 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 5c0a345b0a12 Credits ghsinfosec Required privilege Contributor...
WordPress MPG Plugin <= 4.0.1 is vulnerable to Broken Access Control
Software MPG Type Plugin Vulnerable versions = 4.0.1 Fixed in 4.0.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7424 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 61dc998feee8 Credits Rafshanzani Suhada Required privilege...
WordPress amazing neo icon font for elementor Plugin <= 2.0.1 is vulnerable to Cross Site Scripting (XSS)
Software amazing neo icon font for elementor Type Plugin Vulnerable versions = 2.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50543 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 973c64009b42 Credits Gab Required privile...
WordPress Audio Comparison Lite Plugin <= 3.4 is vulnerable to Cross Site Scripting (XSS)
Software Audio Comparison Lite Type Plugin Vulnerable versions = 3.4 Fixed in 3.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51627 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0a5a84c2cb69 Credits SOPROBRO Required privilege...
WordPress Bigmart Elements Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Bigmart Elements Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51589 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 12ab0da677da Credits Gab Required privilege Contributor...
WordPress Administrator Z Plugin <= 2024.11.20 is vulnerable to SQL Injection
Software Administrator Z Type Plugin Vulnerable versions = 2024.11.20 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-50524 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 23203529cd48 Credits stealthcopter Required privilege Subscriber...
WordPress ID-SK Toolkit Plugin <= 1.7.2 is vulnerable to Cross Site Scripting (XSS)
Software ID-SK Toolkit Type Plugin Vulnerable versions = 1.7.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50517 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8f37480f4086 Credits Gab Required privilege Contributor Publish...
WordPress Get Quote For Woocommerce Plugin <= 1.0.0 is vulnerable to Broken Access Control
Software Get Quote For Woocommerce Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9430 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ed4687422c20 Credits stehled Required...
WordPress FileOrganizer Plugin <= 1.0.9 is vulnerable to Arbitrary File Upload
Software FileOrganizer Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-7985 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID 9a28a4363098 Credits TANG Cheuk Hei siunam Required privilege...
WordPress Easy Pricing Tables Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS)
Software Easy Pricing Tables Type Plugin Vulnerable versions = 3.2.5 Fixed in 3.2.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8871 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 642ead38dfc7 Credits vgo0 Required...
WordPress Crypto Plugin <= 2.18 is vulnerable to Broken Authentication
Software Crypto Type Plugin Vulnerable versions = 2.18 Fixed in 2.19 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9989 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID a98b5d070482 Credits István Márton...
WordPress Wp Social Plugin <= 3.0.7 is vulnerable to Broken Authentication
Software Wp Social Type Plugin Vulnerable versions = 3.0.7 Fixed in 3.0.8 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2024-9501 Patch priority High CVSS severity High 9.8 Developer Wpmet PSID 239b8bacd5e7 Credits wesley wcraft Required privilege...