46606 matches found
WordPress Accessibility Press plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by HunSec in WordPress Plugin Accessibility Press versions = 1.0.2...
WordPress Dashboard Beacon plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by HunSec in WordPress Plugin Dashboard Beacon versions = 1.2.0...
WordPress Headinger for Elementor plugin <= 1.1.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Headinger for Elementor versions = 1.1.4...
WordPress Behance Portfolio Manager plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nguyen Tran Tuan Dung domiee13 in WordPress Plugin Behance Portfolio Manager versions = 1.7.5...
WordPress Cooked plugin <= 1.11.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by ch1mk in WordPress Plugin Cooked versions = 1.11.3...
WordPress Genemy theme <= 1.6.6 - Server Side Request Forgery (SSRF) vulnerability
Software : Genemy Type : Theme Vulnerable versions : = 1.6.6 OWASP Top 10 : A10: Server-Side Request Forgery SSRF Classification : Server Side Request Forgery SSRF CVE ID : CVE-2025-59138 Patchstack priority : Low CVSS severity : 4.9 Required privilege : Subscriber Developer : Claim ownership PSI...
WordPress Genemy theme <= 1.6.6 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery SSRF vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Genemy versions = 1.6.6...
WordPress WordPress & WooCommerce Scraper plugin, Import Data from Any Site plugin <= 1.0.7 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery SSRF vulnerability discovered by Bonds in WordPress Plugin WordPress & WooCommerce Scraper Plugin, Import Data from Any Site versions = 1.0.7...
WordPress Couponer for Elementor plugin <= 1.1.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Couponer for Elementor versions = 1.1.7...
WordPress Watcher for Elementor plugin <= 1.0.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Watcher for Elementor versions = 1.0.9...
WordPress Questionar for Elementor plugin <= 1.1.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Questionar for Elementor versions = 1.1.7...
WordPress Gmaper for Elementor plugin <= 1.0.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Gmaper for Elementor versions = 1.0.9...
WordPress Sliper for Elementor plugin <= 1.0.10 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Sliper for Elementor versions = 1.0.10...
WordPress Walker for Elementor plugin <= 1.1.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Walker for Elementor versions = 1.1.6...
WordPress Select Graphist for Elementor Graphist for Elementor plugin <= 1.2.10 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Select Graphist for Elementor Graphist for Elementor versions = 1.2.10...
WordPress Valenti Engine plugin <= 1.0.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Valenti Engine versions = 1.0.3...
WordPress AnyComment plugin <= 0.3.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rooting in WordPress Plugin AnyComment versions = 0.3.6...
WordPress Signature Add-On for Gravity Forms plugin <= 1.8.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Signature Add-On for Gravity Forms versions = 1.8.6...
WordPress Pardakht Delkhah plugin <= 3.0.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Pardakht Delkhah versions = 3.0.0...
WordPress Direct Payments WP plugin <= 1.3.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by powpy in WordPress Plugin Direct Payments WP versions = 1.3.0...
WordPress Easy Upload Files During Checkout plugin <= 3.0.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Easy Upload Files During Checkout versions = 3.0.0...
WordPress WP Custom Admin Interface plugin <= 7.40 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin WP Custom Admin Interface versions = 7.40...
WordPress Direct Payments WP plugin <= 1.3.0 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Jitlada in WordPress Plugin Direct Payments WP versions = 1.3.0...
WordPress Co-marquage service-public.fr plugin <= 0.5.77 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Co-marquage service-public.fr versions = 0.5.77...
WordPress BoomDevs WordPress Coming Soon plugin plugin <= 1.0.4 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Jitlada in WordPress Plugin BoomDevs WordPress Coming Soon versions = 1.0.4...
WordPress WP Gmail SMTP plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin WP Gmail SMTP versions = 1.0.7...
WordPress Hide Plugins plugin <= 1.0.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Hide Plugins versions = 1.0.4...
WordPress Order Cancellation & Returns for WooCommerce plugin <= 1.1.10 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by powpy in WordPress Plugin Order Cancellation & Returns for WooCommerce versions = 1.1.11...
WordPress Orders Chat for WooCommerce plugin <= 1.2.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by powpy in WordPress Plugin Orders Chat for WooCommerce versions = 1.2.0...
WordPress Post Snippets plugin <= 4.0.11 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Post Snippets versions = 4.0.11...
WordPress Sticky Notes for WP Dashboard plugin <= 1.2.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Sticky Notes for WP Dashboard versions = 1.2.4...
WordPress All in One Accessibility plugin <= 1.15 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin All in One Accessibility versions = 1.15...
WordPress Accordion Slider Gallery plugin <= 2.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Accordion Slider Gallery versions = 2.7...
WordPress Appointify plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by 0xVenus in WordPress Plugin Appointify versions = 1.0.8...
WordPress Tasty Recipes Lite plugin <= 1.1.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by daroo in WordPress Plugin Tasty Recipes Lite versions = 1.1.5...
WordPress Vireo theme <= 1.0.24 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Rooting in WordPress Theme Vireo versions = 1.0.24...
WordPress Vireo theme <= 1.0.24 - Broken Access Control vulnerability
Software : Vireo Type : Theme Vulnerable versions : = 1.0.24 OWASP Top 10 : A1: Broken Access Control Classification : Broken Access Control CVE ID : CVE-2025-62751 Patchstack priority : Low CVSS severity : 4.3 Required privilege : Subscriber Developer : Claim ownership PSID : 110abd56a0bb Credit...
WordPress Tasty Recipes Lite plugin <= 1.1.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by daroo in WordPress Plugin Tasty Recipes Lite versions = 1.1.5...
WordPress FormFacade plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin FormFacade versions = 1.4.1...
WordPress iNext Woo Pincode Checker plugin <= 2.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin iNext Woo Pincode Checker versions = 2.3.1...
WordPress Gmedia Photo Gallery plugin <= 1.25.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by daroo in WordPress Plugin Gmedia Photo Gallery versions = 1.25.0...
WordPress Mergado Pack plugin <= 4.2.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Mergado Pack versions = 4.2.1...
WordPress Post Video Players plugin <= 1.163 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Post Video Players versions = 1.163...
WordPress Robots.txt rewrite plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Robots.txt rewrite versions = 1.6.1...
WordPress Live Shopping & Shoppable Videos For WooCommerce plugin <= 2.2.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Live Shopping & Shoppable Videos For WooCommerce versions = 2.2.0...
WordPress History Timeline plugin <= 1.0.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin History Timeline versions = 1.0.6...
WordPress Download Media Library plugin <= 0.2.1 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Download Media Library versions = 0.2.1...
WordPress AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One plugin <= 1.1.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by NumeX in WordPress Plugin AI Content Writing Assistant Content Writer, ChatGPT, Image Generator All in One versions = 1.1.7...
WordPress Trash Duplicate and 301 Redirect plugin <= 1.9.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Trash Duplicate and 301 Redirect versions = 1.9.1...
WordPress WP Export Categories & Taxonomies plugin <= 1.0.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WP Export Categories & Taxonomies versions = 1.0.3...