WordPress Animator plugin <= 3.0.16 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Animator versions = 3.0.16...

WordPress Restaurant Menu by MotoPress plugin <= 2.4.6 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Restaurant Menu by MotoPress versions = 2.4.6...

WordPress News Kit Elementor Addons plugin <= 1.3.4 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by zaim in WordPress Plugin News Kit Elementor Addons versions = 1.3.4...

WordPress Webba Booking plugin <= 5.1.20 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin Webba Booking versions = 5.1.20...

WordPress Newsletters plugin <= 4.10 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Newsletters versions = 4.10...

WordPress Theme Builder For Elementor plugin <= 1.2.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Theme Builder For Elementor versions = 1.2.3...

WordPress WooCommerce Google Sheet Connector plugin <= 1.3.20 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WooCommerce Google Sheet Connector versions = 1.3.20...

WordPress GymBase Theme Classes plugin <= 1.4 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin GymBase Theme Classes versions = 1.4...

WordPress WPAdverts plugin <= 2.2.5 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin WPAdverts versions = 2.2.5...

WordPress WP Delicious plugin <= 1.8.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin WP Delicious versions = 1.8.4...

WordPress Coupon Affiliates plugin <= 6.4.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by luckybuddy in WordPress Plugin Coupon Affiliates versions = 6.4.0...

WordPress AntiSpam for Contact Form 7 plugin <= 0.6.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Bao BlueRock in WordPress Plugin AntiSpam for Contact Form 7 versions = 0.6.3...

WordPress CM Pop-Up banners plugin <= 1.8.4 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Bao BlueRock in WordPress Plugin CM Pop-Up banners versions = 1.8.4...

WordPress Videopack plugin <= 4.10.3 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by 63n0 in WordPress Plugin Videopack versions = 4.10.3...

WordPress HT Contact Form 7 plugin <= 2.0.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin HT Contact Form 7 versions = 2.0.0...

WordPress Welcart e-Commerce plugin <= 2.11.16 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by 63n0 in WordPress Plugin Welcart e-Commerce versions = 2.11.16...

WordPress SMTP2GO plugin <= 1.12.1 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin SMTP2GO versions = 1.12.1...

WordPress FluentSnippets plugin <= 10.50 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin FluentSnippets versions = 10.50...

WordPress JetSmartFilters plugin <= 3.6.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetSmartFilters versions = 3.6.8...

WordPress Bold Page Builder plugin <= 5.4.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by theviper17 in WordPress Plugin Bold Page Builder versions = 5.4.1...

WordPress Houzez theme <= 4.0.4 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Houzez versions = 4.0.4...

WordPress JetSearch plugin <= 3.5.10.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetSearch versions = 3.5.10.1...

WordPress JetPopup plugin <= 2.0.15.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetPopup versions = 2.0.15.1...

WordPress JetPopup plugin <= 2.0.15 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetPopup versions = 2.0.15...

WordPress JetTricks plugin <= 1.5.4.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetTricks versions = 1.5.4.1...

WordPress JetFormBuilder plugin <= 3.5.1.2 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Que Thanh Tuan Blue Rock in WordPress Plugin JetFormBuilder versions = 3.5.1.2...

WordPress JetBlocks For Elementor plugin <= 1.3.19 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetBlocks For Elementor versions = 1.3.19...

WordPress Hestia theme <= 3.2.10 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Martino Spagnuolo r3verii in WordPress Theme Hestia versions = 3.2.10...

WordPress JetTabs plugin <= 2.2.9 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetTabs versions = 2.2.9...

WordPress JetElements For Elementor plugin <= 2.7.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by stealthcopter in WordPress Plugin JetElements For Elementor versions = 2.7.7...

WordPress Cloud SAML SSO - Single Sign On Login <= 1.0.18 - Local File Inclusion Vulnerability

WordPress Cloud SAML SSO - Single Sign On Login = 1.0.18 - Local File Inclusion Vulnerability discovered by timomangcut in WordPress Plugin Cloud SAML SSO - Single Sign On Login versions = 1.0.18...

WordPress Custom API for WP <= 4.2.2 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Custom API for WP versions = 4.2.2...

WordPress Webba Booking <= 5.1.20 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Webba Booking versions = 5.1.20...

WordPress DB Backup <= 6.0 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin DB Backup versions = 6.0...

WordPress The Plus Addons for Elementor Pro plugin < 6.3.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin The Plus Addons for Elementor Pro versions 6.3.7...

WordPress Youtube Vimeo Video Player and Slider <= 3.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Youtube Vimeo Video Player and Slider versions = 3.8...

WordPress Multimedia Playlist Slider Addon for WPBakery Page Builder <= 2.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Multimedia Playlist Slider Addon for WPBakery Page Builder versions = 2.1...

WordPress HTML5 Radio Player - WPBakery Page Builder Addon <= 2.5 - Cross Site Scripting (XSS) Vulnerability

WordPress HTML5 Radio Player - WPBakery Page Builder Addon = 2.5 - Cross Site Scripting XSS Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin HTML5 Radio Player - WPBakery Page Builder Addon versions = 2.5...

WordPress Revolution Video Player With Bottom Playlist <= 2.9.2 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Revolution Video Player With Bottom Playlist versions = 2.9.2...

WordPress Radio Player Shoutcast & Icecast <= 4.4.7 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Radio Player Shoutcast & Icecast versions = 4.4.7...

WordPress Simple Link Directory < 14.8.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Simple Link Directory versions 14.8.1...

WordPress JetWooBuilder plugin <= 2.1.20 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter in WordPress Plugin JetWooBuilder versions = 2.1.20...

WordPress IDonatePro <= 2.1.9 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin IDonatePro versions = 2.1.9...

WordPress Widget for Google Reviews <= 1.0.15 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin Widget for Google Reviews versions = 1.0.15...

WordPress Formality <= 1.5.9 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by astra.r3verii in WordPress Plugin Formality versions = 1.5.9...

WordPress Ghost Kit <= 3.4.1 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by LVT-tholv2k in WordPress Plugin Ghost Kit versions = 3.4.1...

WordPress Maya Business <= 1.2.0 - Insecure Direct Object References (IDOR) Vulnerability

Insecure Direct Object References IDOR Vulnerability discovered by ch4r0n in WordPress Plugin Maya Business versions = 1.2.0...

WordPress JetSmartFilters <= 3.6.7 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by stealthcopter in WordPress Plugin JetSmartFilters versions = 3.6.7...

WordPress JetWooBuilder <= 2.1.20 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by stealthcopter in WordPress Plugin JetWooBuilder versions = 2.1.20...

WordPress JetMenu <= 2.4.11.1 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by stealthcopter in WordPress Plugin JetMenu versions = 2.4.11.1...