46606 matches found
WordPress AI Copilot plugin <= 1.5.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin AI Copilot versions = 1.5.0...
WordPress Flowbox plugin <= 1.1.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Flowbox versions = 1.1.5...
WordPress Varnish/Nginx Proxy Caching plugin <= 1.8.3 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Legion Hunter in WordPress Plugin Varnish/Nginx Proxy Caching versions = 1.8.3...
WordPress Featured Image Generator plugin <= 1.3.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Featured Image Generator versions = 1.3.3...
WordPress MyD Delivery plugin <= 1.4.3 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by powpy in WordPress Plugin MyD Delivery versions = 1.4.3...
WordPress Gerencianet Oficial plugin <= 3.1.3 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Legion Hunter in WordPress Plugin Gerencianet Oficial versions = 3.1.3...
WordPress RestroPress plugin <= 3.2.4.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by daroo in WordPress Plugin RestroPress versions = 3.2.4.2...
WordPress GS Portfolio for Envato plugin <= 1.4.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin GS Portfolio for Envato versions = 1.4.2...
WordPress Wiremo plugin <= 1.4.99 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Wiremo versions = 1.4.99...
WordPress Terms descriptions plugin <= 3.4.10 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Terms descriptions versions = 3.4.10...
WordPress EasyTest plugin <= 1.0.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin EasyTest versions = 1.0.1...
WordPress Simple Like Page plugin <= 1.5.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Simple Like Page versions = 1.5.3...
WordPress Wawp plugin <= 4.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Wawp versions = 4.4...
WordPress QuadLayers TikTok Feed plugin <= 4.6.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin QuadLayers TikTok Feed versions = 4.6.5...
WordPress Master Addons for Elementor plugin <= 2.0.9.9.4 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Mdr in WordPress Plugin Master Addons for Elementor versions = 2.0.9.9.4...
WordPress Realbig plugin <= 1.1.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Realbig versions = 1.1.3...
WordPress Live Shopping & Shoppable Videos For WooCommerce plugin <= 2.2.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Live Shopping & Shoppable Videos For WooCommerce versions = 2.2.0...
WordPress Hotel Booking plugin <= 3.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin Hotel Booking versions = 3.8...
WordPress DMCA Protection Badge plugin <= 2.2.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin DMCA Protection Badge versions = 2.2.0...
WordPress Portfolio Gallery plugin <= 1.4.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Portfolio Gallery versions = 1.4.8...
WordPress Reuters Direct plugin <= 3.0.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Reuters Direct versions = 3.0.0...
WordPress Add Custom Codes plugin <= 4.80 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Add Custom Codes versions = 4.80...
WordPress Serial Codes Generator and Validator with WooCommerce Support plugin <= 2.8.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin Serial Codes Generator and Validator with WooCommerce Support versions = 2.8.2...
WordPress WP Attachments plugin <= 5.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin WP Attachments versions = 5.2...
WordPress EasyIndex plugin <= 1.1.1704 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin EasyIndex versions = 1.1.1704...
WordPress OpenHook plugin <= 4.3.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin OpenHook versions = 4.3.1...
WordPress Contact Form Widget plugin <= 1.5.1 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Contact Form Widget versions = 1.5.1...
WordPress WP Advanced PDF plugin <= 1.1.7 - Other vulnerability Type vulnerability
Other vulnerability Type vulnerability discovered by NumeX in WordPress Plugin WP Advanced PDF versions = 1.1.7...
WordPress Core Web Vitals & PageSpeed Booster plugin <= 1.0.28 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Core Web Vitals & PageSpeed Booster versions = 1.0.28...
WordPress Black Rider theme <= 1.2.3 - Sensitive Data Exposure vulnerability
Software : Black Rider Type : Theme Vulnerable versions : = 1.2.3 OWASP Top 10 : A3: Sensitive Data Exposure Classification : Sensitive Data Exposure CVE ID : CVE-2025-59003 Patchstack priority : Medium CVSS severity : 5.8 Required privilege : Unauthenticated Developer : Claim ownership PSID :...
WordPress Black Rider theme <= 1.2.3 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Legion Hunter in WordPress Theme Black Rider versions = 1.2.3...
WordPress Add Featured Image Custom Link plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Add Featured Image Custom Link versions = 2.0.0...
WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Logo Slider , Logo Carousel , Logo showcase , Client Logo versions = 1.8.1...
WordPress WP Post Signature plugin <= 0.4.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin WP Post Signature versions = 0.4.1...
WordPress WooCommerce Parcelas plugin <= 1.3.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WooCommerce Parcelas versions = 1.3.5...
WordPress Locatoraid Store Locator plugin <= 3.9.67 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Zeeshan Haider in WordPress Plugin Locatoraid Store Locator versions = 3.9.67...
WordPress Post Video Players plugin <= 1.163 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Post Video Players versions = 1.163...
WordPress Add Custom Codes plugin <= 4.80 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Certus Cybersecurity in WordPress Plugin Add Custom Codes versions = 4.80...
WordPress Bootstrap Modals plugin <= 1.3.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Bootstrap Modals versions = 1.3.2...
WordPress Maximum Products per User for WooCommerce plugin <= 4.4.3 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Maximum Products per User for WooCommerce versions = 4.4.3...
WordPress SEO Slider plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin SEO Slider versions = 1.1.1...
WordPress Postie plugin <= 1.9.73 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Jitlada in WordPress Plugin Postie versions = 1.9.73...
WordPress Extra Shortcodes plugin <= 2.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Extra Shortcodes versions = 2.2...
WordPress Audiomack plugin <= 1.4.8 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Audiomack versions = 1.4.8...
WordPress Curator.io plugin <= 1.9.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Curator.io versions = 1.9.5...
WordPress AdWords Conversion Tracking Code plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin AdWords Conversion Tracking Code versions = 1.0...
WordPress Livemesh Addons for Beaver Builder plugin <= 3.9.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Peter Thaleikis in WordPress Plugin Livemesh Addons for Beaver Builder versions = 3.9.2...
WordPress Custom Background Changer plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Custom Background Changer versions = 3.0...
WordPress MyBookTable Bookstore plugin <= 3.6.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin MyBookTable Bookstore versions = 3.6.0...
WordPress Newsletters plugin <= 4.11 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Skalucy in WordPress Plugin Newsletters versions = 4.11...