46606 matches found
WordPress RegistrationMagic plugin <= 6.0.8.6 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by James Paremain in WordPress Plugin RegistrationMagic versions = 6.0.8.6...
WordPress Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.4.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Frissi0n in WordPress Plugin Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms versions = 1.4.3...
WordPress Integration for Contact Form 7 HubSpot plugin <= 1.3.7 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Frissi0n in WordPress Plugin Integration for Contact Form 7 HubSpot versions = 1.3.7...
WordPress Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms plugin <= 1.1.8 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Frissi0n in WordPress Plugin Integration for Mailchimp and Contact Form 7, WPForms, Elementor, Ninja Forms versions = 1.1.8...
WordPress wpForo Forum plugin <= 3.1.0 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by Jakub Herman in WordPress Plugin wpForo Forum versions = 3.1.0...
WordPress Happyforms plugin <= 1.26.13 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by longnv719 in WordPress Plugin Happyforms versions = 1.26.13...
WordPress wpForo Forum plugin <= 3.1.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin wpForo Forum versions = 3.1.0...
WordPress WP Travel Engine plugin <= 6.7.12 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin WP Travel Engine versions = 6.7.12...
WordPress FV Flowplayer Video Player plugin < 7.5.51.7212 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Jakub Herman in WordPress Plugin FV Flowplayer Video Player versions 7.5.51.7212...
WordPress RD Station plugin <= 5.6.0 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by ParkHyunWoo in WordPress Plugin RD Station versions = 5.6.0...
WordPress Welcart e-Commerce plugin <= 2.11.28 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by dodoh4t in WordPress Plugin Welcart e-Commerce versions = 2.11.28...
WordPress GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites plugin <= 2.32.6 - SQL Injection vulnerability
SQL Injection vulnerability discovered by HaiND in WordPress Plugin GPTranslate – Multilingual AI Translation for WordPress: Automatically Translate Websites versions = 2.32.6...
WordPress WPFunnels Pro plugin <= 2.9.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by dutafi in WordPress Plugin WPFunnels Pro versions = 2.9.4...
WordPress Integration for Contact Form 7 and Constant Contact plugin <= 1.1.6 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Frissi0n in WordPress Plugin Integration for Contact Form 7 and Constant Contact versions = 1.1.6...
WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin <= 2.0.8 - SQL Injection vulnerability
SQL Injection vulnerability discovered by daroo in WordPress Plugin Unlimited Elements For Elementor Free Widgets, Addons, Templates versions = 2.0.8...
WordPress WP eMember plugin <= v10.2.2 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin WP eMember versions = v10.2.2...
WordPress OttoKit plugin <= 1.1.27 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin OttoKit versions = 1.1.27...
WordPress Photo Gallery by 10Web plugin <= 1.8.41 - SQL Injection vulnerability
SQL Injection vulnerability discovered by daroo in WordPress Plugin Photo Gallery by 10Web versions = 1.8.41...
WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability
Backdoor vulnerability discovered by Shane in WordPress Plugin Product Slider Pro for WooCommerce versions 3.5.4...
WordPress Content Visibility for Divi Builder plugin <= 4.02 - Authenticated (Contributor+) Remote Code Execution vulnerability
Authenticated Contributor+ Remote Code Execution vulnerability discovered by ZAST.AI - ZAST.AI in WordPress Plugin Content Visibility for Divi Builder versions = 4.02...
WordPress SP Project & Document Manager plugin <= 4.71 - Missing Authorization to Unauthenticated Arbitrary File Information Disclosure vulnerability
Missing Authorization to Unauthenticated Arbitrary File Information Disclosure vulnerability discovered by Namdn - Vncsglobal in WordPress Plugin SP Project & Document Manager versions = 4.71...
WordPress ARMember Premium – Membership plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 7.3.1 - Insecure Password Reset Mechanism to Unauthenticated Privilege Escalation vulnerability
Insecure Password Reset Mechanism to Unauthenticated Privilege Escalation vulnerability discovered by h0xilo in WordPress Plugin ARMember Premium versions = 7.3.1...
WordPress ARMember Premium – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 7.3.1 - Authenticated (Subscriber+) SQL Injection vulnerability
Authenticated Subscriber+ SQL Injection vulnerability discovered by h0xilo in WordPress Plugin ARMember Premium versions = 7.3.1...
WordPress ARMember Premium – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 7.3.1 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by h0xilo in WordPress Plugin ARMember Premium versions = 7.3.1...
WordPress Dokan plugin <= 5.0.2 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Dokan versions = 5.0.2...
WordPress AutomatorWP plugin <= 5.7.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin AutomatorWP versions = 5.7.2...
WordPress JobSearch plugin <= 3.2.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by adhikara13 in WordPress Plugin JobSearch versions = 3.2.7...
WordPress WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels plugin <= 4.9.4 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Jakub Herman in WordPress Plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels versions = 4.9.4...
WordPress MasterStudy LMS Pro plugin <= 4.8.20 - Authenticated (Instructor+) SQL Injection vulnerability
Authenticated Instructor+ SQL Injection vulnerability discovered by Rafie Muhammad - Awesome Motive, Inc. in WordPress Plugin MasterStudy LMS Pro versions = 4.8.20...
WordPress Quiz And Survey Master plugin <= 11.1.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by endy in WordPress Plugin Quiz And Survey Master versions = 11.1.2...
WordPress Drag and Drop Multiple File Upload – Contact Form 7 plugin <= 1.3.9.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by fayespiegel in WordPress Plugin Drag and Drop Multiple File Upload – Contact Form 7 versions = 1.3.9.7...
WordPress Really Simple SSL plugin <= 9.5.10 - Broken Authentication vulnerability
Broken Authentication vulnerability discovered by Septio Noerdiansyah in WordPress Plugin Really Simple SSL versions = 9.5.10...
WordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Evan NR in WordPress Plugin Really Simple SSL versions = 9.5.9...
WordPress Rank Math SEO plugin <= 1.0.271 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Rank Math SEO versions = 1.0.271...
WordPress Geo Mashup plugin <= 1.13.19 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Baikuya in WordPress Plugin Geo Mashup versions = 1.13.19...
WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Tiago Ventura @perses in WordPress Plugin Funnel Builder by FunnelKit versions = 3.15.0.2...
WordPress XCloner plugin <= 4.8.6 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by kai63001 in WordPress Plugin XCloner versions = 4.8.6...
WordPress Sunshine Photo Cart plugin <= 3.6.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Dave Jong Patchstack in WordPress Plugin Sunshine Photo Cart versions = 3.6.7...
WordPress ELEX WordPress HelpDesk & Customer Ticketing System plugin <= 3.3.6 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Mukhlis Amien in WordPress Plugin ELEX WordPress HelpDesk & Customer Ticketing System versions = 3.3.6...
WordPress JS Help Desk plugin <= 3.0.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nvz in WordPress Plugin JS Help Desk versions = 3.0.9...
WordPress JS Help Desk plugin <= 3.0.9 - SQL Injection vulnerability
SQL Injection vulnerability discovered by sequenceX0 in WordPress Plugin JS Help Desk versions = 3.0.9...
WordPress HollerBox plugin <= 2.3.10.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by she11f in WordPress Plugin HollerBox versions = 2.3.10.1...
WordPress TrueBooker plugin <= 1.1.9 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Vincent Sevkli in WordPress Plugin TrueBooker versions = 1.1.9...
WordPress WP Time Slots Booking Form plugin <= 1.2.50 - SQL Injection vulnerability
SQL Injection vulnerability discovered by xwii in WordPress Plugin WP Time Slots Booking Form versions = 1.2.50...
WordPress Amelia plugin <= 2.3 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by dodoh4t in WordPress Plugin Amelia versions = 2.3...
WordPress Elementor Website Builder plugin <= 4.1.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bonds in WordPress Plugin Elementor Website Builder versions = 4.1.0...
WordPress Crew HRM plugin <= 1.2.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin Crew HRM versions = 1.2.2...
WordPress Progress Planner plugin <= 1.9.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by hongdo in WordPress Plugin Progress Planner versions = 1.9.0...
WordPress WP Job Portal plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Baikuya in WordPress Plugin WP Job Portal versions = 2.5.2...
WordPress Simple Shopping Cart plugin <= 5.2.9 - Insecure Direct Object References (IDOR) vulnerability
Insecure Direct Object References IDOR vulnerability discovered by Austin Ginder in WordPress Plugin Simple Shopping Cart versions = 5.2.9...