WordPress BLAZE Retail Widget plugin <= 2.5.2 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin BLAZE Retail Widget versions = 2.5.2...

WordPress Jobs.af plugin <= 1.0.1 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin Jobs.af versions = 1.0.1...

WordPress OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) plugin <= 1.1.2 - Malicious Polyfill.io Embed vulnerability

Malicious Polyfill.io Embed vulnerability discovered by Sansec.io in WordPress Plugin OpenStreetMap for Gutenberg and WPBakery Page Builder formerly Visual Composer versions = 1.1.2...

WordPress ADDRESSYA Plugin <= 3.1.1 is vulnerable to Backdoor

Software ADDRESSYA Type Plugin Vulnerable versions = 3.1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fbc4dd8dabc1 Credits Sansec.io Required privilege Unauthenticated Published 3 July, 2024...

WordPress Jobs.af Plugin <= 1.0.1 is vulnerable to Backdoor

Software Jobs.af Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 91427fbfaa3a Credits Sansec.io Required privilege Unauthenticated Published 3 July, 2024...

WordPress nicen-localize-image Plugin <= 1.4.1 is vulnerable to Backdoor

Software nicen-localize-image Type Plugin Vulnerable versions = 1.4.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9cc7d9fd0cd5 Credits Sansec.io Required privilege Unauthenticated Published 3 July,...

WordPress Canvas-Nest.js Plugin <= 1.0.1 is vulnerable to Backdoor

Software Canvas-Nest.js Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 5b218a741bed Credits Sansec.io Required privilege Unauthenticated Published 3 July, 2024...

WordPress TotalRating Pro Plugin <= 1.8.4 is vulnerable to Backdoor

Software TotalRating Pro Type Plugin Vulnerable versions = 1.8.4 Fixed in 1.8.5 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 63434ea7cd48 Credits Sansec.io Required privilege Unauthenticated Published 3 July, 20...

WordPress alfred24 Click & Collect Plugin <= 1.1.7 is vulnerable to Backdoor

Software alfred24 Click & Collect Type Plugin Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID cf5f2b39e0cf Credits Sansec.io Required privilege Unauthenticated Published 3...

WordPress Ideaplus Plugin <= 1.0.5 is vulnerable to Backdoor

Software Ideaplus Type Plugin Vulnerable versions = 1.0.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ec824eebab48 Credits Sansec.io Required privilege Unauthenticated Published 3 July, 2024...

WordPress Meal Tracker Plugin <= 3.1.6 is vulnerable to Backdoor

Software Meal Tracker Type Plugin Vulnerable versions = 3.1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID e250a3bed696 Credits Sansec.io Required privilege Unauthenticated Published 3 July, 2024...

WordPress Contact Form 7 Multi-Step Addon Plugin <= 1.0.5 is vulnerable to Backdoor

Software Contact Form 7 Multi-Step Addon Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8aae8a0dc1cb Credits Sansec.io Required privilege Unauthenticated...

WordPress CommandBar for WP Admin Plugin <= 1.0.7 is vulnerable to Backdoor

Software CommandBar for WP Admin Type Plugin Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4ca3d0fa43b1 Credits Sansec.io Required privilege Unauthenticated Published 3...