WordPress WP Setup Wizard Plugin <= 1.0.8.1 is vulnerable to Sensitive Data Exposure

Software WP Setup Wizard Type Plugin Vulnerable versions = 1.0.8.1 Fixed in 1.0.8.2 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-25917 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 5a05aed5e6cb Credits Dave Jong Patchstack...

WordPress Paid Member Subscriptions Plugin <= 2.11.1 is vulnerable to Broken Access Control

Software Paid Member Subscriptions Type Plugin Vulnerable versions = 2.11.1 Fixed in 2.11.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1390 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 6361d41c5a14 Credits Lucio Sá Required...

WordPress Multi Rating Plugin <= 5.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Multi Rating Type Plugin Vulnerable versions = 5.0.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47433 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dedf07346191 Credits minhtuanact Required...

WordPress WPGlobus Translate Options Plugin <= 2.1.0 is vulnerable to Cross Site Scripting (XSS)

Software WPGlobus Translate Options Type Plugin Vulnerable versions = 2.1.0 Fixed in 2.2.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25711 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID 62953df5e274 Credits thienn...