WordPress Mail Mint plugin <= 1.19.5 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Que Thanh Tuan in WordPress Plugin Mail Mint versions = 1.19.5...

WordPress Image Photo Gallery Final Tiles Grid plugin <= 3.6.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan in WordPress Plugin Image Photo Gallery Final Tiles Grid versions = 3.6.11...

WordPress FOX plugin <= 1.4.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan in WordPress Plugin FOX versions = 1.4.5...

WordPress Premmerce Redirect Manager plugin <= 1.0.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan in WordPress Plugin Premmerce Redirect Manager versions = 1.0.12...

WordPress Filr plugin <= 1.2.14 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Que Thanh Tuan in WordPress Plugin Filr versions = 1.2.14...

WordPress Broadstreet Ads plugin <= 1.52.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin Broadstreet Ads versions = 1.52.1...

WordPress WpStream plugin <= 4.9.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin WpStream versions = 4.9.5...

WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin WpEvently versions = 5.0.4...

WordPress Modula Image Gallery plugin <= 2.13.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan in WordPress Plugin Modula Image Gallery versions = 2.13.6...

WordPress YOP Poll plugin <= 6.5.38 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin YOP Poll versions = 6.5.38...

WordPress Download Manager plugin <= 3.3.32 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin Download Manager versions = 3.3.32...

WordPress Ivory Search plugin <= 5.5.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin Ivory Search versions = 5.5.12...

WordPress WANotifier plugin <= 2.7.12 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nguyen Tran Tuan Dung domiee13 in WordPress Plugin Notifier versions = 2.7.12...

WordPress Ultimate WP Mail plugin <= 1.3.5 - Account Takeover via Email Log Leak Vulnerability

Account Takeover via Email Log Leak Vulnerability discovered by domiee13 in WordPress Plugin Ultimate WP Mail versions = 1.3.5...

WordPress WP Table Builder plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by domiee13 in WordPress Plugin WP Table Builder versions = 2.0.6...

WordPress Export All Post Meta Plugin <= 1.2.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Tran Hoang Tuan Kiet in WordPress Plugin Export All Post Meta versions = 1.2.1...

WordPress Rate my Post – WP Rating System plugin <= 3.3.4 - Race Condition vulnerability

Race Condition vulnerability leading to votes increase/decrease discovered by Nguy Minh Tuan Patchstack Alliance in WordPress Rate my Post – WP Rating System plugin versions = 3.3.4. Solution Update the WordPress Rate my Post – WP Rating System plugin to the latest available version at least 3.3....

WordPress Download Monitor plugin <= 4.4.6 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability

Authenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Nguy Minh Tuan in WordPress Download Monitor plugin versions = 4.4.6. Solution Update the WordPress Download Monitor plugin to the latest available version at least 4.4.7...

WordPress Envira Photo Gallery plugin <= 1.8.3.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability found by Minh Tuan SunCSR in WordPress Envira Photo Gallery plugin versions = 1.8.3.2. Solution Update the WordPress Envira Photo Gallery plugin to the latest available version at least 1.8.3.3...

XSS Vulnerability in the Frontend of Tuan ah VIP Movie System

Tuan ah VIP movie system is a set of VIP movie video viewing website with registered member agent version. A XSS vulnerability exists in the frontend of Tuan Ah VIP Movie System. An attacker can exploit this vulnerability to obtain user cookie information...