WordPress Countdown Widget plugin <= 3.1.9.1 - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS discovered by Rasi Afeef Patchstack Alliance in the WordPress Countdown Widget plugin versions = 3.1.9.1. Solution Update the WordPress WordPress Countdown Widget plugin to the latest available version at least 3.1.9.3...

WordPress Mantenimiento web plugin <= 0.13 - Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Rasi Afeef Patchstack Alliance in the WordPress Mantenimiento web plugin versions = 0.13. Solution Update the WordPress Mantenimiento web plugin to the latest available version at least 0.14...

WordPress Forms by CaptainForm <= 2.5.3 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability leading to Account Disconnect discovered by Rasi Afeef Patchstack Alliance in WordPress Forms by CaptainForm versions = 2.5.3. Solution No patched version is available. No reply from the vendor...

WordPress 3D Tag Cloud plugin <= 3.8 - Multiple Stored Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability

Multiple Stored Cross-Site Scripting XSS via Cross-Site Request Forgery CSRF vulnerability discovered by Rasi Afeef in WordPress 3D Tag Cloud plugin versions = 3.8. Solution No patched version is available. No reply from the vendor...

WordPress RD Station plugin <= 5.2.0 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

Multiple Cross-Site Request Forgery CSRF vulnerabilities were discovered by Rasi Afeef Patchstack Alliance in the WordPress RD Station plugin versions = 5.2.0. Solution Update the WordPress RD Station plugin to the latest available version at least 5.2.1...

WordPress wp-forecast plugin <= 7.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Rasi Afeef Patchstack Alliance in WordPress wp-forecast plugin versions = 7.5. Solution Update the WordPress wp-forecast plugin to the latest available version at least 7.6...

WordPress Footer Text plugin <= 2.0.3 - Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF leading to Cross-Site Scripting XSS vulnerability discovered by Rasi Afeef in WordPress Footer Text plugin versions = 2.0.3. Solution No patched version is available. No response from the vendor...

WordPress Ark-commenteditor plugin <= 2.15.6 - Iframe Injection via Comment vulnerability

Iframe Injection via Comment vulnerability discovered by Rasi Afeef in WordPress Ark-commenteditor plugin versions = 2.15.6. Solution Deactivate and delete. This plugin has been closed as of September 23, 2021 and is not available for download. Reason: Security Issue...