Missing Authorization vulnerability in NewClarity DMCA Protection Badge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects DMCA Protection Badge: from n/a through 2.2.0. More information : https://vdp.patchstack.com/database/wordpress/plugin/dmca-badge/vulnerability/wordpress-dmca-protection-badge-plugin-2-2-0-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in Nik Melnik Realbig allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Realbig: from n/a through 1.1.3. More information : https://vdp.patchstack.com/database/wordpress/plugin/realbig-media/vulnerability/wordpress-realbig-plugin-1-1-3-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in Marco Milesi WP Attachments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Attachments: from n/a through 5.2. More information : https://vdp.patchstack.com/database/wordpress/plugin/wp-attachments/vulnerability/wordpress-wp-attachments-plugin-5-2-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in nicdark Hotel Booking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hotel Booking: from n/a through 3.8. More information : https://vdp.patchstack.com/database/wordpress/plugin/nd-booking/vulnerability/wordpress-hotel-booking-plugin-3-8-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in SaifuMak Add Custom Codes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Add Custom Codes: from n/a through 4.80. More information : https://vdp.patchstack.com/database/wordpress/plugin/add-custom-codes/vulnerability/wordpress-add-custom-codes-plugin-4-80-broken-access-control-vulnerability?_s_id=cve
Insertion of Sensitive Information Into Sent Data vulnerability in Vladimir Statsenko Terms descriptions allows Retrieve Embedded Sensitive Data.This issue affects Terms descriptions: from n/a through 3.4.9. More information : https://vdp.patchstack.com/database/wordpress/plugin/terms-descriptions/vulnerability/wordpress-terms-descriptions-plugin-3-4-9-sensitive-data-exposure-vulnerability?_s_id=cve
Missing Authorization vulnerability in Channelize.Io Team Live Shopping & Shoppable Videos For WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Live Shopping & Shoppable Videos For WooCommerce: from n/a through 2.2.0....
Missing Authorization vulnerability in Vollstart Serial Codes Generator and Validator with WooCommerce Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Serial Codes Generator and Validator with WooCommerce Support: from n/a through...
Missing Authorization vulnerability in Totalsoft Portfolio Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Portfolio Gallery: from n/a through 1.4.8. More information : https://vdp.patchstack.com/database/wordpress/plugin/gallery-portfolio/vulnerability/wordpress-portfolio-gallery-plugin-1-4-8-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in Reuters News Agency Reuters Direct allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reuters Direct: from n/a through 3.0.0. More information : https://vdp.patchstack.com/database/wordpress/plugin/reuters-direct/vulnerability/wordpress-reuters-direct-plugin-3-0-0-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Wayne Allen Postie postie allows Stored XSS.This issue affects Postie: from n/a through 1.9.73. More information : https://vdp.patchstack.com/database/wordpress/plugin/postie/vulnerability/wordpress-postie-plugin-1-9-73-cross-site-scripting-xss-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Contact Form Widget allows Cross Site Request Forgery.This issue affects Contact Form Widget: from n/a through 1.5.1. More information : https://vdp.patchstack.com/database/wordpress/plugin/new-contact-form-widget/vulnerability/wordpress-contact-form-widget-plugin-1-5-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Missing Authorization vulnerability in CedCommerce WP Advanced PDF allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Advanced PDF: from n/a through 1.1.7. More information : https://vdp.patchstack.com/database/wordpress/plugin/wp-advanced-pdf/vulnerability/wordpress-wp-advanced-pdf-plugin-1-1-7-other-vulnerability-type-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Plainware Locatoraid Store Locator allows Stored XSS.This issue affects Locatoraid Store Locator: from n/a through 3.9.65. More information : https://vdp.patchstack.com/database/wordpress/plugin/locatoraid/vulnerability/wordpress-locatoraid-store-locator-plugin-3-9-65-cross-site-scripting-xss-vulnerability?_s_id=cve