46606 matches found
WordPress Reprizo theme <= 1.0.8 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Reprizo versions = 1.0.8...
WordPress Promo theme <= 1.3.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Promo versions = 1.3.0...
WordPress Melania theme <= 2.5.0 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Melania versions = 2.5.0...
WordPress Mella theme <= 1.2.29 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Mella versions = 1.2.29...
WordPress Myour theme <= 1.5.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Myour versions = 1.5.1...
WordPress TheNa theme <= 1.5.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme TheNa versions = 1.5.5...
WordPress Electron theme <= 1.8.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Electron versions = 1.8.2...
WordPress xSmart theme <= 1.2.9.4 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...
WordPress xSmart theme <= 1.2.9.4 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...
WordPress xSmart theme <= 1.2.9.4 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme xSmart versions = 1.2.9.4...
WordPress JNews - Frontend Submit plugin <= 11.0.0 - Reflected Cross Site Scripting (XSS) vulnerability
WordPress JNews - Frontend Submit plugin = 11.0.0 - Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin JNews - Frontend Submit versions = 11.0.0...
WordPress Sales Countdown Timer for WooCommerce and WordPress plugin <= 1.1.8.1 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Sales Countdown Timer for WooCommerce and WordPress versions = 1.1.8.1...
WordPress Orchid Store theme <= 1.5.15 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by John P in WordPress Theme Orchid Store versions = 1.5.15...
WordPress JupiterX Core plugin <= 4.10.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin JupiterX Core versions = 4.10.1...
WordPress WP Lead Capturing Pages plugin <= 2.5 - SQL Injection vulnerability
SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Lead Capturing Pages versions = 2.5...
WordPress Drone theme <= 1.40 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Drone versions = 1.40...
WordPress Accordion Slider PRO plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Accordion Slider PRO versions = 1.2...
WordPress xPromoter plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin xPromoter versions = 1.3.4...
WordPress UiChemy plugin <= 4.4.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Jitlada in WordPress Plugin UiChemy versions = 4.4.2...
WordPress Nex-Forms Express WP Form Builder plugin < 9.1.8 - Authenticated Stored XSS vulnerability
Authenticated Stored XSS vulnerability discovered by Vuln Seeker Cyber Security Team in WordPress Plugin NEX-Forms versions 9.1.8...
WordPress Shabat Keeper plugin <= 0.4.4 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] vulnerability
Reflected Cross-Site Scripting via $SERVER'PHPSELF' vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin Shabat Keeper versions = 0.4.4...
WordPress WP Page Permalink Extension plugin <= 1.5.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Rewrite Rules Flush vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary Rewrite Rules Flush vulnerability discovered by Legion Hunter in WordPress Plugin WP Page Permalink Extension versions = 1.5.4...
WordPress WooCommerce Square plugin <= 5.1.1 - Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure vulnerability
Unauthenticated Insecure Direct Object Reference to Sensitive Information Exposure vulnerability discovered by DityaRA in WordPress Plugin WooCommerce Square versions = 5.1.1...
WordPress Ecwid Shopping Cart plugin <= 7.0.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Ecwid Shopping Cart versions = 7.0.6...
WordPress Energia theme <= 1.1.2 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Energia versions = 1.1.2...
WordPress DZS Video Gallery plugin <= 12.39 - SQL Injection vulnerability
SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin DZS Video Gallery versions = 12.39...
WordPress Flex QR Code Generator plugin <= 1.2.10 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Jitlada in WordPress Plugin Flex QR Code Generator versions = 1.2.10...
WordPress Cream Magazine theme <= 2.1.10 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by John P in WordPress Theme Cream Magazine versions = 2.1.10...
WordPress Penci AI SmartContent Creator plugin <= 2.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci AI SmartContent Creator versions = 2.0...
WordPress iThemes Sync plugin <= 3.2.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by theviper17 in WordPress Plugin iThemes Sync versions = 3.2.8...
WordPress WP Popups plugin <= 2.2.0.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by theviper17 in WordPress Plugin WP Popups versions = 2.2.0.5...
WordPress Penci Filter Everything plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Filter Everything versions = 1.7...
WordPress Penci Podcast plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Podcast versions = 1.7...
WordPress Penci Recipe plugin <= 4.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Recipe versions = 4.1...
WordPress Easy Modal plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Doan Dinh Van in WordPress Plugin Easy Modal versions = 2.1.0...
WordPress Live sales notification for WooCommerce plugin <= 2.3.46 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jitlada in WordPress Plugin Live sales notification for WooCommerce versions = 2.3.46...
WordPress PopCash.Net Code Integration Tool plugin <= 1.8 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin PopCash.Net Code Integration Tool versions = 1.8...
WordPress HurryTimer plugin <= 2.14.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by benzdeus in WordPress Plugin HurryTimer versions = 2.14.2...
WordPress Post Expirator plugin <= 4.9.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Post Expirator versions = 4.9.3...
WordPress Amelia plugin <= 1.2.38 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Amelia versions = 1.2.38...
WordPress Penci Shortcodes & Performance plugin <= 6.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Penci Shortcodes & Performance versions = 6.1...
WordPress Soledad theme <= 8.7.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Soledad versions = 8.7.2...
WordPress RegistrationMagic plugin <= 6.0.6.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by 0xd4rk5id3 in WordPress Plugin RegistrationMagic versions = 6.0.6.9...
WordPress TheGem Theme Elements (for WPBakery) plugin <= 5.11.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin TheGem Theme Elements for WPBakery versions = 5.11.0...
WordPress Landing Page Builder plugin <= 1.5.3.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by savphill in WordPress Plugin Landing Page Builder versions = 1.5.3.4...
WordPress Creator LMS plugin <= 1.1.12 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by NumeX in WordPress Plugin Creator LMS versions = 1.1.12...
WordPress Terms descriptions plugin <= 3.4.9 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Mrreee in WordPress Plugin Terms descriptions versions = 3.4.9...
WordPress Suggestion Toolkit plugin <= 5.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Mrreee in WordPress Plugin Suggestion Toolkit versions = 5.0...
WordPress Neoforum plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Mrreee in WordPress Plugin Neoforum versions = 1.0...
WordPress Neoforum plugin <= 1.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Mrreee in WordPress Plugin Neoforum versions = 1.0...