Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Liton Arefin Master Addons for Elementor master-addons allows DOM-Based XSS.This issue affects Master Addons for Elementor: from n/a through
Missing Authorization vulnerability in wptravelengine Travel Booking travel-booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Booking: from n/a through
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in ThemeFusion Avada Core fusion-core allows DOM-Based XSS.This issue affects Avada Core: from n/a through < 5.15.0. More information : https://patchstack.com/database/Wordpress/Plugin/fusion-core/vulnerability/wordpress-avada-core-plugin-5-15-0-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows DOM-Based XSS.This issue affects MDTF: from n/a through
Cross-Site Request Forgery (CSRF) vulnerability in Janis Elsts Admin Menu Editor admin-menu-editor allows Cross Site Request Forgery.This issue affects Admin Menu Editor: from n/a through
Missing Authorization vulnerability in Wombat Plugins Advanced Product Fields (Product Addons) for WooCommerce advanced-product-fields-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Product Fields (Product Addons) for WooCommerce: from n/a through
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows DOM-Based XSS.This issue affects Active Products Tables for WooCommerce: from n/a through
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0. More information : https://patchstack.com/database/Wordpress/Plugin/fusion-builder/vulnerability/wordpress-fusion-builder-plugin-3-15-0-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder: from n/a through < 3.15.0. More information : https://patchstack.com/database/Wordpress/Plugin/fusion-builder/vulnerability/wordpress-fusion-builder-plugin-3-15-0-broken-access-control-vulnerability-2?_s_id=cve
Missing Authorization vulnerability in ThemeFusion Avada Core fusion-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Avada Core: from n/a through < 5.15.0. More information : https://patchstack.com/database/Wordpress/Plugin/fusion-core/vulnerability/wordpress-avada-core-plugin-5-15-0-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in Elementor Elementor Website Builder elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Website Builder: from n/a through
Missing Authorization vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form by WPForms: from n/a through
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Atarim: from n/a through
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Eric Teubert Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress allows Stored XSS.This issue affects Podlove Podcast Publisher: from n/a through