46684 matches found
WordPress WordPress CTA plugin <= 2.1.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin WordPress CTA versions = 2.1.2...
WordPress Agrofood theme < 1.4.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Agrofood versions 1.4.0...
WordPress Thebe theme <= 1.3.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Thebe versions = 1.3.0...
WordPress Solaris theme <= 2.5 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Solaris versions = 2.5...
WordPress Pets Club theme <= 2.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Pets Club versions = 2.3...
WordPress Handyman theme <= 1.4.7 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Handyman versions = 1.4.7...
WordPress Cookiteer theme <= 1.4.8 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Cookiteer versions = 1.4.8...
WordPress Classter theme <= 2.5 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Classter versions = 2.5...
WordPress Wanderland theme <= 1.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Wanderland versions = 1.5...
WordPress Askka theme <= 1.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Askka versions = 1.0...
WordPress Remons theme <= 1.3.4 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Remons versions = 1.3.4...
WordPress Hoverex theme <= 1.5.10 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Hoverex versions = 1.5.10...
WordPress Don Peppe theme <= 1.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Don Peppe versions = 1.3...
WordPress Berger theme <= 1.1.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Berger versions = 1.1.1...
WordPress Prowess theme <= 1.8.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Prowess versions = 1.8.1...
WordPress Thecs theme <= 1.4.7 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Thecs versions = 1.4.7...
WordPress TheBi theme <= 1.0.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme TheBi versions = 1.0.5...
WordPress Nutrie theme < 2.0.1 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nutrie versions 2.0.1...
WordPress Lendiz theme < 2.0.1 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Lendiz versions 2.0.1...
WordPress Keenarch theme < 2.0.1 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Keenarch versions 2.0.1...
WordPress Grand Wedding theme <= 3.1.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Grand Wedding versions = 3.1.0...
WordPress Charety theme < 2.0.2 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Charety versions 2.0.2...
WordPress Car Zone theme <= 3.7 - Deserialization of untrusted data vulnerability
Deserialization of untrusted data vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Car Zone versions = 3.7...
WordPress WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.5 - Unauthenticated Stored Cross-Site Scripting vulnerability
Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin WP Zendesk for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms versions = 1.1.5...
WordPress Contest Gallery plugin <= 28.1.4 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Thomas Sanzey in WordPress Plugin Contest Gallery versions = 28.1.4...
WordPress User Registration & Membership plugin <= 5.1.2 - Unauthenticated Privilege Escalation via Membership Registration vulnerability
Unauthenticated Privilege Escalation via Membership Registration vulnerability discovered by Foxyyy in WordPress Plugin User Registration versions = 5.1.2...
WordPress All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin <= 2.2.5 - Authentication Bypass vulnerability
Authentication Bypass vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login versions = 2.2.5...
WordPress wpDataTables plugin <= 6.5.0.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin wpDataTables versions = 6.5.0.1...
WordPress Master Addons for Elementor Premium plugin <= 2.1.3 - Authenticated (Subscriber+) Remote Code Execution via render_preview vulnerability
Authenticated Subscriber+ Remote Code Execution via renderpreview vulnerability discovered by Ren Voza in WordPress Plugin Master Addons for Elementor Premium versions = 2.1.3...
WordPress Page Builder by SiteOrigin plugin <= 2.33.5 - Authenticated (Contributor+) Local File Inclusion vulnerability
Authenticated Contributor+ Local File Inclusion vulnerability discovered by dragonzenai - AhnLab in WordPress Plugin Page Builder by SiteOrigin versions = 2.33.5...
WordPress LatePoint plugin <= 5.2.7 - Authenticated (Administrator+) SQL Injection via JSON Import vulnerability
Authenticated Administrator+ SQL Injection via JSON Import vulnerability discovered by Chiao-Lin Yu Steven Meow - Trend Micro in WordPress Plugin LatePoint versions = 5.2.7...
WordPress Uncanny Automator - Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin <= 7.0.0.3 - Authenticated (Administrator+) Server-Side Request Forgery to Arbitrary File Upload vulnerability
WordPress Uncanny Automator - Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin = 7.0.0.3 - Authenticated Administrator+ Server-Side Request Forgery to Arbitrary File Upload vulnerability discovered by lucsob in WordPress Plugin Uncanny Automator versions = 7.0.0.3...
WordPress AI ChatBot with ChatGPT and Content Generator by AYS plugin <= 2.7.5 - Missing Authorization to Unauthenticated API Key Modification vulnerability
Missing Authorization to Unauthenticated API Key Modification vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin AI ChatBot with ChatGPT and Content Generator by AYS versions = 2.7.5...
WordPress Blocksy plugin <= 2.1.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via `blocksy_meta` Fields vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via blocksymeta Fields vulnerability discovered by Quốc Huy jtwings - Puramu in WordPress Theme Blocksy versions = 2.1.30...
WordPress WP Food plugin < 2.7.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin WP Food versions 2.7.1...
WordPress BigHearts theme <= 3.1.14 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO in WordPress Theme BigHearts versions = 3.1.14...
WordPress LMS Elementor Pro plugin <= 1.0.4 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by luc in WordPress Plugin LMS Elementor Pro versions = 1.0.4...
WordPress Widget Options plugin <= 4.1.3 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by mcdruid in WordPress Plugin Widget Options versions = 4.1.3...
WordPress Super Stage WP plugin <= 1.0.1 - Unauthenticated PHP Object Injection vulnerability
Unauthenticated PHP Object Injection vulnerability discovered by yiğit ibrahim sağlam in WordPress Plugin Super Stage WP versions = 1.0.1...
WordPress Ratatouille theme <= 1.2.6 - Server Side Request Forgery (SSRF) vulnerability
Server Side Request Forgery SSRF vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Ratatouille versions = 1.2.6...
WordPress EventON plugin <= 4.9.12 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin EventON versions = 4.9.12...
WordPress Ultimate Addons for WPBakery Page Builder plugin <= 3.21.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Ultimate Addons for WPBakery Page Builder versions = 3.21.1...
WordPress Listify plugin <= 3.2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Listify versions = 3.2.5...
WordPress VW School Education theme <= 1.4.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Theme VW School Education versions = 1.4.6...
WordPress VW Portfolio theme <= 1.3.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Theme VW Portfolio versions = 1.3.3...
WordPress VW Photography theme <= 1.3.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Theme VW Photography versions = 1.3.8...
WordPress Humanum theme <= 1.1.4 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Humanum versions = 1.1.4...
WordPress OsTende theme <= 1.4.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme OsTende versions = 1.4.3...
WordPress VW Pet Shop theme <= 1.4.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Theme VW Pet Shop versions = 1.4.7...
WordPress The Qlean theme <= 2.12 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme The Qlean versions = 2.12...