WordPress LeadConnector Plugin <= 1.7 is vulnerable to Broken Access Control

Software LeadConnector Type Plugin Vulnerable versions = 1.7 Fixed in 1.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1371 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2445a52c5c7c Credits Krzysztof Zając Required...

WordPress User Location and IP Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Software User Location and IP Type Plugin Vulnerable versions = 1.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-31217 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8aceab066d00 Credits deokhunKim Required...