WordPress Easy Upload Files During Checkout plugin <= 3.0.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Easy Upload Files During Checkout versions = 3.0.0...

WordPress WP Custom Admin Interface plugin <= 7.40 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin WP Custom Admin Interface versions = 7.40...

WordPress Co-marquage service-public.fr plugin <= 0.5.77 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Co-marquage service-public.fr versions = 0.5.77...

WordPress BoomDevs WordPress Coming Soon plugin plugin <= 1.0.4 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jitlada in WordPress Plugin BoomDevs WordPress Coming Soon versions = 1.0.4...

WordPress Direct Payments WP plugin <= 1.3.0 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Jitlada in WordPress Plugin Direct Payments WP versions = 1.3.0...

WordPress Hide Plugins plugin <= 1.0.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Hide Plugins versions = 1.0.4...

WordPress Order Cancellation & Returns for WooCommerce plugin <= 1.1.10 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by powpy in WordPress Plugin Order Cancellation & Returns for WooCommerce versions = 1.1.11...

WordPress WP Gmail SMTP plugin <= 1.0.7 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin WP Gmail SMTP versions = 1.0.7...

WordPress Orders Chat for WooCommerce plugin <= 1.2.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by powpy in WordPress Plugin Orders Chat for WooCommerce versions = 1.2.0...

WordPress Post Snippets plugin <= 4.0.11 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Post Snippets versions = 4.0.11...

WordPress Sticky Notes for WP Dashboard plugin <= 1.2.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Sticky Notes for WP Dashboard versions = 1.2.4...

WordPress Appointify plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by 0xVenus in WordPress Plugin Appointify versions = 1.0.8...

WordPress Accordion Slider Gallery plugin <= 2.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Accordion Slider Gallery versions = 2.7...

WordPress All in One Accessibility plugin <= 1.15 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin All in One Accessibility versions = 1.15...

WordPress Vireo theme <= 1.0.24 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rooting in WordPress Theme Vireo versions = 1.0.24...

WordPress Tasty Recipes Lite plugin <= 1.1.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Tasty Recipes Lite versions = 1.1.5...

WordPress Tasty Recipes Lite plugin <= 1.1.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Tasty Recipes Lite versions = 1.1.5...

WordPress Vireo theme <= 1.0.24 - Broken Access Control vulnerability

Software : Vireo Type : Theme Vulnerable versions : = 1.0.24 OWASP Top 10 : A1: Broken Access Control Classification : Broken Access Control CVE ID : CVE-2025-62751 Patchstack priority : Low CVSS severity : 4.3 Required privilege : Subscriber Developer : Claim ownership PSID : 110abd56a0bb Credit...

WordPress FormFacade plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin FormFacade versions = 1.4.1...

WordPress Gmedia Photo Gallery plugin <= 1.25.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by daroo in WordPress Plugin Gmedia Photo Gallery versions = 1.25.0...

WordPress iNext Woo Pincode Checker plugin <= 2.3.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin iNext Woo Pincode Checker versions = 2.3.1...

WordPress Mergado Pack plugin <= 4.2.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Mergado Pack versions = 4.2.1...

WordPress Post Video Players plugin <= 1.163 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Post Video Players versions = 1.163...

WordPress Live Shopping & Shoppable Videos For WooCommerce plugin <= 2.2.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Live Shopping & Shoppable Videos For WooCommerce versions = 2.2.0...

WordPress Robots.txt rewrite plugin <= 1.6.1 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Robots.txt rewrite versions = 1.6.1...

WordPress History Timeline plugin <= 1.0.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin History Timeline versions = 1.0.6...

WordPress AI Content Writing Assistant (Content Writer, ChatGPT, Image Generator) All in One plugin <= 1.1.7 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by NumeX in WordPress Plugin AI Content Writing Assistant Content Writer, ChatGPT, Image Generator All in One versions = 1.1.7...

WordPress Download Media Library plugin <= 0.2.1 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Nabil Irawan in WordPress Plugin Download Media Library versions = 0.2.1...

WordPress AI Copilot plugin <= 1.5.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin AI Copilot versions = 1.5.0...

WordPress Trash Duplicate and 301 Redirect plugin <= 1.9.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Trash Duplicate and 301 Redirect versions = 1.9.1...

WordPress WP Export Categories & Taxonomies plugin <= 1.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WP Export Categories & Taxonomies versions = 1.0.3...

WordPress Flowbox plugin <= 1.1.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Flowbox versions = 1.1.5...

WordPress Varnish/Nginx Proxy Caching plugin <= 1.8.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Legion Hunter in WordPress Plugin Varnish/Nginx Proxy Caching versions = 1.8.3...

WordPress Featured Image Generator plugin <= 1.3.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Featured Image Generator versions = 1.3.3...

WordPress MyD Delivery plugin <= 1.4.3 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by powpy in WordPress Plugin MyD Delivery versions = 1.4.3...

WordPress RestroPress plugin <= 3.2.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin RestroPress versions = 3.2.4.2...

WordPress Gerencianet Oficial plugin <= 3.1.3 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Legion Hunter in WordPress Plugin Gerencianet Oficial versions = 3.1.3...

WordPress GS Portfolio for Envato plugin <= 1.4.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin GS Portfolio for Envato versions = 1.4.2...

WordPress Wiremo plugin <= 1.4.99 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Wiremo versions = 1.4.99...

WordPress EasyTest plugin <= 1.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin EasyTest versions = 1.0.1...

WordPress Terms descriptions plugin <= 3.4.10 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Terms descriptions versions = 3.4.10...

WordPress Simple Like Page plugin <= 1.5.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Simple Like Page versions = 1.5.3...

WordPress Wawp plugin <= 4.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Wawp versions = 4.4...

WordPress QuadLayers TikTok Feed plugin <= 4.6.5 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin QuadLayers TikTok Feed versions = 4.6.5...

WordPress Master Addons for Elementor plugin <= 2.0.9.9.4 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Mdr in WordPress Plugin Master Addons for Elementor versions = 2.0.9.9.4...

WordPress Hotel Booking plugin <= 3.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by benzdeus in WordPress Plugin Hotel Booking versions = 3.8...

WordPress DMCA Protection Badge plugin <= 2.2.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin DMCA Protection Badge versions = 2.2.0...

WordPress Live Shopping & Shoppable Videos For WooCommerce plugin <= 2.2.0 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Muhammad Nur Ibnu Hubab in WordPress Plugin Live Shopping & Shoppable Videos For WooCommerce versions = 2.2.0...

WordPress Realbig plugin <= 1.1.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Realbig versions = 1.1.3...

WordPress Portfolio Gallery plugin <= 1.4.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Portfolio Gallery versions = 1.4.8...