CVE-2024-3266

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attribute of widgets in all versions up to, and including, 4.8.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress CodeBard Help Desk plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by hunter85 Patchstack Alliance in WordPress Plugin CodeBard Help Desk versions = 1.1.1...

WordPress GEO My WordPress plugin < 4.5 - Admin+ Arbitrary File Upload vulnerability

Admin+ Arbitrary File Upload vulnerability discovered by Michael Dyrna in WordPress Plugin GEO my WordPress versions 4.5...