46684 matches found
WordPress Netmix theme <= 1.0.10 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Netmix versions = 1.0.10...
WordPress Blabber theme <= 1.7.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Blabber versions = 1.7.0...
WordPress Saveo theme <= 1.1.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Saveo versions = 1.1.2...
WordPress Parkivia theme <= 1.1.9 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Parkivia versions = 1.1.9...
WordPress Impacto Patronus theme <= 1.2.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Impacto Patronus versions = 1.2.3...
WordPress Zio Alberto theme <= 1.2.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Zio Alberto versions = 1.2.2...
WordPress Fooddy theme <= 1.3.10 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Fooddy versions = 1.3.10...
WordPress Isida theme <= 1.4.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Isida versions = 1.4.2...
WordPress Gustavo theme <= 1.2.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Gustavo versions = 1.2.2...
WordPress Marveland theme <= 1.3.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Marveland versions = 1.3.0...
WordPress Ironfit theme <= 1.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Ironfit versions = 1.5...
WordPress Redy theme <= 1.0.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Redy versions = 1.0.2...
WordPress Coworking theme <= 1.6.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Coworking versions = 1.6.1...
WordPress Jude theme <= 1.3.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Jude versions = 1.3.0...
WordPress Soleng theme <= 1.0.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Soleng versions = 1.0.5...
WordPress SevenTrees theme <=1.0.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme SevenTrees versions =1.0.2...
WordPress Rhodos theme <= 1.3.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Rhodos versions = 1.3.3...
WordPress Photolia theme <= 1.0.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Photolia versions = 1.0.3...
WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'create_mollie_account' vulnerability
Missing Authorization in 'createmollieaccount' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...
WordPress MP-Ukagaka plugin <= 1.5.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin MP-Ukagaka versions = 1.5.2...
WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'create_mollie_profile' vulnerability
Missing Authorization in 'createmollieprofile' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...
WordPress Super Page Cache plugin <= 5.2.2 - Unauthenticated Stored Cross-Site Scripting via Activity Log vulnerability
Unauthenticated Stored Cross-Site Scripting via Activity Log vulnerability discovered by shark3y in WordPress Plugin Super Page Cache for Cloudflare versions = 5.2.2...
WordPress Geo Widet plugin <= 1.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Geo Widget versions = 1.0...
WordPress Address Bar Ads plugin <= 1.0.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Address Bar Ads versions = 1.0.0...
WordPress StyleBidet plugin <= 1.0.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin StyleBidet versions = 1.0.0...
WordPress WP Maps plugin <= 4.8.6 - Authenticated (Subscriber+) Limited Local File Inclusion vulnerability
Authenticated Subscriber+ Limited Local File Inclusion vulnerability discovered by mikemyers in WordPress Plugin WP Maps versions = 4.8.6...
WordPress Super Simple Contact Form plugin <= 1.6.2 - Reflected Cross-Site Scripting via 'sscf_name' Parameter vulnerability
Reflected Cross-Site Scripting via 'sscfname' Parameter vulnerability discovered by 0x34rth in WordPress Plugin Super Simple Contact Form versions = 1.6.2...
WordPress Zarinpal Gateway for WooCommerce plugin <= 5.0.16 - Improper Access Control to Payment Status Update vulnerability
Improper Access Control to Payment Status Update vulnerability discovered by shark3y in WordPress Plugin Zarinpal Gateway versions = 5.0.16...
WordPress WowRevenue plugin <= 2.1.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Plugin Installation/Activation vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin WowRevenue versions = 2.1.3...
WordPress Build App Online plugin <= 1.0.22 - Account Takeover via Weak Password Reset Mechanism vulnerability
Account Takeover via Weak Password Reset Mechanism vulnerability discovered by Ram - Wordfence in WordPress Plugin Build App Online versions = 1.0.22...
WordPress A-Mart theme <= 1.0.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme A-Mart versions = 1.0.2...
WordPress WP Compress plugin <= 6.60.28 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin WP Compress versions = 6.60.28...
WordPress EventPrime plugin <= 4.2.8.4 - Missing Authorization to Unauthenticated Image Upload via 'ep_upload_file_media' AJAX Endpoint vulnerability
Missing Authorization to Unauthenticated Image Upload via 'epuploadfilemedia' AJAX Endpoint vulnerability discovered by Tharadol Suksamran d3kc4rt1 in WordPress Plugin EventPrime versions = 4.2.8.4...
WordPress Forminator Forms - Contact Form, Payment Form & Custom Form Builder plugin <= 1.50.2 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability
WordPress Forminator Forms - Contact Form, Payment Form & Custom Form Builder plugin = 1.50.2 - Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Tiến Dũng Nguyễn in WordPress Plugin Forminator versions = 1.50.2...
WordPress RegistrationMagic plugin < 6.0.7.2 - Subscriber+ Form Creation vulnerability
Subscriber+ Form Creation vulnerability discovered by bRpsd in WordPress Plugin RegistrationMagic versions 6.0.7.2...
WordPress WP-Members Membership Plugin plugin <= 3.4.8 - Missing Authorization to Sensitive Information Exposure vulnerability
Missing Authorization to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin WP-Members versions = 3.4.8...
WordPress Easy Social Feed plugin <= 6.5.2 - Missing Authorization to Settings Modification vulnerability
Missing Authorization to Settings Modification vulnerability discovered by Lucio Sá in WordPress Plugin Easy Social Feed versions = 6.5.2...
WordPress Backup Migration plugin <= 1.3.9 - Authenticated (Admin+) OS Command Injection via url vulnerability
Authenticated Admin+ OS Command Injection via url vulnerability discovered by Françoa Taffarel in WordPress Plugin Backup Migration versions = 1.3.9...
WordPress Auto Featured Image (Auto Post Thumbnail) plugin <= 4.1.7 - Authenticated (Author+) Server-Side Request Forgery vulnerability
Authenticated Author+ Server-Side Request Forgery vulnerability discovered by Nex Team in WordPress Plugin Auto Featured Image Auto Post Thumbnail versions = 4.1.7...
WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'pt_cancel_subscription' vulnerability
Missing Authorization in 'ptcancelsubscription' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...
WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'update_profile_preference' vulnerability
Missing Authorization in 'updateprofilepreference' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...
WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'paytium_sw_save_api_keys' vulnerability
Missing Authorization in 'paytiumswsaveapikeys' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...
WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'check_for_verified_profiles' vulnerability
Missing Authorization in 'checkforverifiedprofiles' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...
WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'paytium_notice_dismiss' vulnerability
Missing Authorization in 'paytiumnoticedismiss' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...
WordPress Paytium: Mollie payment forms & donations plugin <= 4.3.7 - Missing Authorization in 'check_mollie_account_details' vulnerability
Missing Authorization in 'checkmollieaccountdetails' vulnerability discovered by WordFence in WordPress Plugin Paytium versions = 4.3.7...
WordPress Calculated Fields Form plugin <= 5.4.4.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by w41bu1 in WordPress Plugin Calculated Fields Form versions = 5.4.4.1...
WordPress CitiLights theme < 3.7.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme CitiLights versions 3.7.2...
WordPress Ippsum theme <= 1.2.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds in WordPress Theme Ippsum versions = 1.2.0...
WordPress Link Whisper Free plugin <= 0.9.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin Link Whisper Free versions = 0.9.1...
WordPress personal-authors-category plugin <= 0.3 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin personal-authors-category versions = 0.3...