45958 matches found
WordPress WP Shortcodes Plugin - Shortcodes Ultimate plugin <= 7.4.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'max_width' Shortcode Attribute vulnerability
WordPress WP Shortcodes Plugin - Shortcodes Ultimate plugin <= 7.4.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'max_width' Shortcode Attribute vulnerability discovered by Michael Iden Mickhat - Hack The Box in WordPress Plugin Shortcodes Ultimate versions <= 7.4.10...
WordPress Performance Monitor plugin <= 1.0.6 - Unauthenticated Blind SSRF vulnerability
Unauthenticated Blind SSRF vulnerability discovered by Afshin Shekaari in WordPress Plugin Performance Monitor versions <= 1.0.6...
WordPress Minify HTML plugin <= 2.1.12 - Cross-Site Request Forgery to Plugin Settings Update vulnerability
Cross-Site Request Forgery to Plugin Settings Update vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Minify HTML versions <= 2.1.12...
WordPress User Profile Builder - Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.15.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Post Author Reassignment via Avatar Field vulnerability
WordPress User Profile Builder - Beautiful User Registration Forms, User Profiles & User Role Editor plugin <= 3.15.5 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Post Author Reassignment via Avatar Field vulnerability discovered by type5afe in WordPress Plugin Profile...
WordPress Contact Form by WPForms plugin <= 1.10.0.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by vladimir tokarev in WordPress Plugin Contact Form by WPForms versions <= 1.10.0.2...
WordPress Simple Membership plugin <= 4.7.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jakub Herman in WordPress Plugin Simple Membership versions <= 4.7.1...
WordPress Auto Post Scheduler plugin <= 1.84 - Cross-Site Request Forgery to Stored Cross-Site Scripting via aps_options_page vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting via aps_options_page vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Auto Post Scheduler versions <= 1.84...
WordPress WooPayments plugin <= 10.5.1 - Missing Authorization to Unauthenticated Plugin Settings Update via save_upe_appearance_ajax vulnerability
Missing Authorization to Unauthenticated Plugin Settings Update via save_upe_appearance_ajax vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin WooCommerce Payments versions <= 10.5.1...
WordPress Kubio AI Page Builder plugin <= 2.7.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by timomangcut in WordPress Plugin Kubio AI Page Builder versions <= 2.7.0...
WordPress Loco Translate plugin <= 2.8.2 - Reflected Cross-Site Scripting via 'update_href' Parameter vulnerability
Reflected Cross-Site Scripting via 'update_href' Parameter vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin Loco Translate versions <= 2.8.2...
WordPress Oxygen theme <= 6.0.8 - Unauthenticated Server-Side Request Forgery via route_path vulnerability
Unauthenticated Server-Side Request Forgery via route_path vulnerability discovered by Ahmed Rayen Ayari in WordPress Theme Oxygen versions <= 6.0.8...
WordPress Gravity SMTP plugin <= 2.1.4 - Unauthenticated Sensitive Information Exposure via REST API vulnerability
Unauthenticated Sensitive Information Exposure via REST API vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Gravity SMTP versions <= 2.1.4...
WordPress Everest Forms Pro plugin <= 1.9.12 - Unauthenticated Remote Code Execution via Calculation Field vulnerability
Unauthenticated Remote Code Execution via Calculation Field vulnerability discovered by hoshino in WordPress Plugin Everest Forms Pro versions <= 1.9.12...
WordPress Contact Form by Supsystic plugin <= 1.7.36 - Unauthenticated Server-Side Template Injection via Prefill Functionality vulnerability
Unauthenticated Server-Side Template Injection via Prefill Functionality vulnerability discovered by kiseki - Heroes Cyber Security in WordPress Plugin Contact Form by Supsystic versions <= 1.7.36...
WordPress Royal Elementor Addons plugin <= 1.7.1056 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Royal Elementor Addons versions <= 1.7.1056...
WordPress Ibtana - WordPress Website Builder plugin <= 1.2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
WordPress Ibtana - WordPress Website Builder plugin <= 1.2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Ibtana versions <= 1.2.5.7...
WordPress Truebooker - Appointment Booking and Scheduler Plugin plugin <= 1.1.4 - Sensitive Information Exposure via Views Files vulnerability
WordPress Truebooker - Appointment Booking and Scheduler Plugin plugin <= 1.1.4 - Sensitive Information Exposure via Views Files vulnerability discovered by Kazuma Matsumoto - GMO Cybersecurity by IERAE, Inc. in WordPress Plugin TrueBooker versions <= 1.1.4...
WordPress Debugger & Troubleshooter plugin <= 1.3.2 - Unauthenticated Privilege Escalation to Administrator via Cookie Manipulation vulnerability
Unauthenticated Privilege Escalation to Administrator via Cookie Manipulation vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Debugger & Troubleshooter versions <= 1.3.2...
WordPress Fluent Booking plugin <= 2.0.01 - Unauthenticated Stored Cross-Site Scripting via Multiple Parameters vulnerability
Unauthenticated Stored Cross-Site Scripting via Multiple Parameters vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin Fluent Booking versions <= 2.0.01...
WordPress Ultimate Member plugin <= 2.11.2 - Authenticated (Contributor+) Sensitive Information Exposure to Account Takeover via Shortcode Template Tag vulnerability
Authenticated (Contributor+) Sensitive Information Exposure to Account Takeover via Shortcode Template Tag vulnerability discovered by HDH - FPT Software in WordPress Plugin Ultimate Member versions <= 2.11.2...
WordPress Blackhole for Bad Bots plugin <= 3.8 - Unauthenticated Stored Cross-Site Scripting via User-Agent HTTP Header vulnerability
Unauthenticated Stored Cross-Site Scripting via User-Agent HTTP Header vulnerability discovered by Huynh Pham Thanh Luc in WordPress Plugin Blackhole for Bad Bots versions <= 3.8...
WordPress LeadConnector plugin < 3.0.22 - Unauthenticated Rest Call vulnerability
Unauthenticated Rest Call vulnerability discovered by yiğit ibrahim sağlam in WordPress Plugin LeadConnector versions < 3.0.22...
WordPress Shared Files plugin < 1.7.58 - Contributor+ Arbitrary File Download vulnerability
Contributor+ Arbitrary File Download vulnerability discovered by Muhammad Rohan khan in WordPress Plugin Shared Files versions < 1.7.58...
WordPress Frontend Admin by DynamiApps plugin <= 3.28.31 - Authenticated (Editor+) PHP Object Injection via 'post_content' of Admin Form Posts vulnerability
Authenticated (Editor+) PHP Object Injection via 'post_content' of Admin Form Posts vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Frontend Admin by DynamiApps versions <= 3.28.31...
WordPress FloristPress for Woo plugin <= 7.8.2 - Reflected Cross-Site Scripting via 'noresults' Parameter vulnerability
Reflected Cross-Site Scripting via 'noresults' Parameter vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin FloristPress versions <= 7.8.2...
WordPress JS Help Desk - AI-Powered Support & Ticketing System plugin <= 3.0.4 - Unauthenticated SQL Injection via 'multiformid' Parameter vulnerability
WordPress JS Help Desk - AI-Powered Support & Ticketing System plugin <= 3.0.4 - Unauthenticated SQL Injection via 'multiformid' Parameter vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin JS Help Desk versions <= 3.0.4...
WordPress SureForms plugin <= 2.5.2 - Unauthenticated Payment Amount Validation Bypass via 'form_id' vulnerability
Unauthenticated Payment Amount Validation Bypass via 'form_id' vulnerability discovered by Jack Pas Dark. - Black Lantern Security in WordPress Plugin SureForms versions <= 2.5.2...
WordPress Masteriyo LMS plugin <= 2.1.6 - Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator vulnerability
Missing Authorization to Authenticated (Student+) Privilege Escalation to Administrator vulnerability discovered by Hunter Jensen skid in WordPress Plugin Masteriyo - LMS versions <= 2.1.6...
WordPress Responsive Plus plugin < 3.4.3 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by Alex Tselevich nos3curity in WordPress Plugin Responsive Plus versions < 3.4.3...
WordPress WP Job Portal plugin <= 2.4.9 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field vulnerability
Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field vulnerability discovered by daroo in WordPress Plugin WP Job Portal versions <= 2.4.9...
WordPress ThemeREX Addons plugin < 2.38.5 - Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by Erwan LR WPScan in WordPress Plugin ThemeREX Addons versions < 2.38.5...
WordPress Download Monitor plugin <= 5.1.7 - Insecure Direct Object Reference to Unauthenticated Arbitrary Order Completion via 'token' and 'order_id' vulnerability
Insecure Direct Object Reference to Unauthenticated Arbitrary Order Completion via 'token' and 'order_id' vulnerability discovered by Hung Nguyen bashu - VN in WordPress Plugin Download Monitor versions <= 5.1.7...
WordPress Twentig plugin <= 1.9.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'featuredImageSizeWidth' vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via 'featuredImageSizeWidth' vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Twentig Supercharged Block Editor versions <= 1.9.7...
WordPress WP Lightbox 2 plugin < 3.0.7 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin WP Lightbox 2 versions < 3.0.7...
WordPress Conditional Menus plugin <= 1.2.6 - Cross-Site Request Forgery to Menu Options Update vulnerability
Cross-Site Request Forgery to Menu Options Update vulnerability discovered by Daniel Basta whizzu - NASK PIB in WordPress Plugin Conditional Menus versions <= 1.2.6...
WordPress Complianz - GDPR/CCPA Cookie Consent plugin <= 7.4.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Filter vulnerability
WordPress Complianz - GDPR/CCPA Cookie Consent plugin <= 7.4.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Content Filter vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Complianz versions <= 7.4.4.2...
WordPress Elementor Website Builder plugin <= 3.35.7 - Incorrect Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template vulnerability
Incorrect Authorization to Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template vulnerability discovered by shark3y in WordPress Plugin Elementor Website Builder versions <= 3.35.7...
WordPress Advanced Coupons for WooCommerce Coupons plugin <= 4.7.1.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by timomangcut in WordPress Plugin Advanced Coupons for WooCommerce Coupons versions <= 4.7.1.1...
WordPress AI Engine (Pro) plugin < 3.4.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin AI Engine Pro versions < 3.4.2...
WordPress Tourfic plugin <= 2.21.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Tourfic versions <= 2.21.4...
WordPress Quads Ads Manager for Google AdSense plugin <= 2.0.98.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Ad Metadata Parameters vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Ad Metadata Parameters vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Ads by WPQuads versions <= 2.0.98.1...
WordPress Pagelayer plugin <= 2.0.7 - Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via 'email' vulnerability
Improper Neutralization of CRLF Sequences to Unauthenticated Email Header Injection via 'email' vulnerability discovered by Drew Webber mcdruid in WordPress Plugin PageLayer versions <= 2.0.7...
WordPress Ninja Forms plugin <= 3.14.1 - Authenticated (Contributor+) Sensitive Information Disclosure via Block Editor Token vulnerability
Authenticated (Contributor+) Sensitive Information Disclosure via Block Editor Token vulnerability discovered by Lucas Montes NiRoX in WordPress Plugin Ninja Forms versions <= 3.14.1...
WordPress Amelia Booking Pro plugin <= 9.1.2 - Authenticated (Customer+) Insecure Direct Object Reference to Arbitrary User Password Change vulnerability
Authenticated (Customer+) Insecure Direct Object Reference to Arbitrary User Password Change vulnerability discovered by Hunter Jensen skid in WordPress Plugin Amelia versions <= 9.1.2...
WordPress DSGVO snippet for Leaflet Map and its Extensions plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'unset' Attribute vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via 'unset' Attribute vulnerability discovered by zaim in WordPress Plugin DSGVO snippet for Leaflet Map and its Extensions versions <= 3.1...
WordPress FormLift for Infusionsoft Web Forms plugin <= 7.5.21 - Missing Authorization to Unauthenticated Infusionsoft Connection Hijack via OAuth Connection Flow vulnerability
Missing Authorization to Unauthenticated Infusionsoft Connection Hijack via OAuth Connection Flow vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin FormLift for Infusionsoft Web Forms versions <= 7.5.21...
WordPress Simple Download Counter plugin <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'text' Shortcode Attribute vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via 'text' Shortcode Attribute vulnerability discovered by zaim in WordPress Plugin Simple Download Counter versions <= 2.3...
WordPress Blog2Social: Social Media Auto Post & Scheduler plugin <= 8.8.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Deletion via 'b2s_reset_social_meta_tags' AJAX Action vulnerability
Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Deletion via 'b2s_reset_social_meta_tags' AJAX Action vulnerability discovered by s00me00ne in WordPress Plugin Blog2Social versions <= 8.8.2...
WordPress BWL Advanced FAQ Manager Lite plugin <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'sbox_id' Shortcode Attribute vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via 'sbox_id' Shortcode Attribute vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin BWL Advanced FAQ Manager Lite versions <= 1.1.1...
WordPress ShortPixel Image Optimizer plugin <= 6.4.3 - Authenticated (Author+) Stored Cross-Site Scripting via Attachment Title vulnerability
Authenticated (Author+) Stored Cross-Site Scripting via Attachment Title vulnerability discovered by daroo in WordPress Plugin ShortPixel Image Optimizer versions <= 6.4.3...