WordPress LinkedInclude Plugin <= 3.0.4 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin LinkedInclude versions = 3.0.4...

WordPress ConveyThis plugin <= 269.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by mcdruid in WordPress Plugin ConveyThis versions = 269.1...

WordPress Category Featured Images Extended Plugin <= 1.52 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Category Featured Images Extended versions = 1.52...

WordPress Frontend File Manager plugin <= 23.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Frontend File Manager versions = 23.3...

WordPress Envíos Coordinadora Woocommerce plugin <= 1.1.32 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Envíos Coordinadora Woocommerce versions = 1.1.32...

WordPress UK Address Postcode Validation plugin <= 3.9.2 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin UK Address Postcode Validation versions = 3.9.2...

WordPress Developer Plugin <= 1.2.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Developer versions = 1.2.6...

WordPress immonex Kickstart Team Plugin <= 1.6.9 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Peter Thaleikis in WordPress Plugin immonex Kickstart Team versions = 1.6.9...

WordPress Passster Plugin <= 4.2.18 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin Passster versions = 4.2.18...

WordPress Dashboard Notepad Plugin <= 1.42 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin Dashboard Notepad versions = 1.42...

WordPress AWP Classifieds plugin <= 4.4.3 - Content Injection vulnerability

Content Injection vulnerability discovered by Kishan Vyas in WordPress Plugin AWP Classifieds versions = 4.4.3...

WordPress Double the Donation Plugin <= 2.0.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Double the Donation versions = 2.0.0...

WordPress Double the Donation Plugin <= 2.0.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Double the Donation versions = 2.0.0...

WordPress PowerFolio Plugin <= 3.2.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Abu Hurayra in WordPress Plugin PowerFolio versions = 3.2.1...

WordPress Piotnet Forms Plugin <= 1.0.30 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Bao BlueRock in WordPress Plugin Piotnet Forms versions = 1.0.30...

WordPress LWS Affiliation Plugin <= 2.3.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin LWS Affiliation versions = 2.3.6...

WordPress Bot Block – Stop Spam Referrals in Google Analytics Plugin <= 2.6 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Bot Block Stop Spam Referrals in Google Analytics versions = 2.6...

WordPress Subresource Integrity (SRI) Manager Plugin <= 0.4.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin Subresource Integrity SRI Manager versions = 0.4.0...

WordPress WPeMatico RSS Feed Fetcher Plugin <= 2.8.10 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin WPeMatico RSS Feed Fetcher versions = 2.8.10...

WordPress Easy Hotel Booking plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abu Hurayra in WordPress Plugin Easy Hotel Booking versions = 1.8.8...

WordPress Image Hover Effects – Elementor Addon Plugin <= 1.4.4 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by ch4r0n in WordPress Plugin Image Hover Effects – Elementor Addon versions = 1.4.4...

WordPress Append extensions on Pages Plugin <= 1.1.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Append extensions on Pages versions = 1.1.2...

WordPress Append Link on Copy Plugin <= 0.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Append Link on Copy versions = 0.2...

WordPress Emergency Password Reset plugin <= 9.3 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Emergency Password Reset versions = 9.3...

WordPress Skimlinks Affiliate Marketing Tool plugin <= 1.3.1 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Skimlinks Affiliate Marketing Tool versions = 1.3.1...

WordPress Skimlinks Affiliate Marketing Tool plugin <= 1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Skimlinks Affiliate Marketing Tool versions = 1.3...

WordPress WP Advanced PDF Plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin WP Advanced PDF versions = 1.1.7...

WordPress payOS plugin <= 1.0.73 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin payOS versions = 1.0.73...

WordPress Photo Gallery by Ays Plugin <= 6.3.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Abu Hurayra in WordPress Plugin Photo Gallery by Ays versions = 6.3.8...

WordPress Directory Pro Plugin <= 2.5.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Directory Pro versions = 2.5.5...

WordPress Ongkoskirim.id Plugin <= 1.0.6 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Bao BlueRock in WordPress Plugin Ongkoskirim.id versions = 1.0.6...

WordPress Plugin Security Scanner Plugin <= 2.0.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Plugin Security Scanner versions = 2.0.2...

WordPress SiteNarrator Text-to-Speech Widget Plugin <= 1.9 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin SiteNarrator Text-to-Speech Widget versions = 1.9...

WordPress Maps for WP Plugin <= 1.2.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Maps for WP versions = 1.2.5...

WordPress Open User Map Plugin <= 1.4.14 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Abu Hurayra in WordPress Plugin Open User Map versions = 1.4.14...

WordPress Poll Maker Plugin <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Abu Hurayra in WordPress Plugin Poll Maker versions = 6.0.2...

WordPress Post Carousel Slider for Elementor Plugin <= 1.7.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Abu Hurayra in WordPress Plugin Post Carousel Slider for Elementor versions = 1.7.0...

WordPress WooMS Plugin <= 9.12 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin WooMS versions = 9.12...

WordPress WooMS Plugin <= 9.12 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin WooMS versions = 9.12...

WordPress WowAddons plugin <= 1.5.11 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin WowAddons versions = 1.5.11...

WordPress Slightly troublesome permalink Plugin <= 1.2.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Slightly troublesome permalink versions = 1.2.0...

WordPress Travel Map Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nabil Irawan in WordPress Plugin Travel Map versions = 1.0.3...

WordPress CoDesigner plugin <= 4.28.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin CoDesigner versions = 4.28.2...

WordPress VikRestaurants Table Reservations and Take-Away plugin <= 1.5.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by greenhats in WordPress Plugin VikRestaurants versions = 1.5.1...

WordPress Zoho Billing Plugin <= 4.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Zoho Billing versions = 4.1...

WordPress Library Bookshelves Plugin <= 5.11 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Library Bookshelves versions = 5.11...

WordPress WP Proposals Plugin <= 2.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin WP Proposals versions = 2.3...

WordPress Gallery Lightbox plugin <= 1.0.0.41 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Prissy in WordPress Plugin Gallery Lightbox versions = 1.0.0.41...

WordPress WPB Quick View for WooCommerce plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Prissy in WordPress Plugin WPB Quick View for WooCommerce versions = 2.1.8...

WordPress VikRestaurants Table Reservations and Take-Away plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by greenhats in WordPress Plugin VikRestaurants versions = 1.5...