WordPress Restaurant Menu plugin <= 2.3.1 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence in WordPress Restaurant Menu plugin versions = 2.3.1. Solution Update the WordPress Restaurant Menu – Food Ordering System – Table Reservation plugin to the latest available version at least 2.3.2...

WordPress WP Bootstrap Gallery plugin <= 1.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by ptsfence Patchstack Alliance in WordPress WP Bootstrap Gallery plugin versions = 1.1. Solution No patched version is available. No reply from the vendor...

WordPress Accessibility plugin <= 1.0.3 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress Accessibility plugin versions = 1.0.3. Solution Update the WordPress Accessibility plugin to the latest available version at least 1.0.4...

WordPress Optinly plugin <= 1.0.11 - Broken Access Control vulnerability

Broken Access Control leading to plugin settings change by the subscriber or higher role user vulnerability discovered by ptsfence Patchstack in WordPress Optinly plugin versions = 1.0.11. Solution No patched version is available. No reply from the vendor...

WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence Patchstack Alliance in WordPress YDS Support Ticket System plugin versions = 1.0. Solution No patched version is available. No reply from the vendor...

WordPress Read more By Adam plugin <= 1.1.8 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence Patchstack Alliance in WordPress Read more By Adam plugin versions = 1.1.8. Solution No patched version is available. No reply from the vendor...

WordPress Culture Object plugin <= 4.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence Patchstack Alliance in WordPress Culture Object plugin versions = 4.0.1. Solution Update the WordPress Culture Object plugin to the latest available version at least 4.1.1...

WordPress Accommodation System plugin <= 1.0.1 - Missing Access Control vulnerability

Missing Access Control vulnerability discovered by ptsfence Patchstack Alliance in WordPress Accommodation System plugin versions = 1.0.1. Solution Deactivate and delete. This plugin has been closed as of August 24, 2022 and is not available for download. This closure is temporary, pending a full...

WordPress THE Leads Management System: 59sec LITE plugin <= 3.4.1 - Unauthenticated plugin settings change vulnerability

Unauthenticated plugin settings change vulnerability discovered by ptsfence Patchstack Alliance in WordPress THE Leads Management System: 59sec LITE plugin versions = 3.4.1. Solution Deactivate and delete. This plugin has been closed as of August 12, 2022 and is not available for download. This...

WordPress Alpine PhotoTile for Pinterest plugin <= 1.3.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by ptsfence in WordPress Alpine PhotoTile for Pinterest plugin versions = 1.3.1. Solution Deactivate and delete. This plugin has been closed as of August 10, 2022 and is not available for download. This closure is temporary,...

WordPress Content Mask plugin <= 1.8.4 - Arbitrary Options Update vulnerability

Arbitrary Options Update vulnerability discovered by ptsfence in WordPress Content Mask plugin versions = 1.8.4. Solution Update the WordPress Content Mask plugin to the latest available version at least 1.8.4.1...