Server-Side Request Forgery (SSRF) vulnerability in silence Silencesoft RSS Reader allows Server Side Request Forgery. This issue affects Silencesoft RSS Reader: from n/a through 0.6. More information : https://patchstack.com/database/wordpress/plugin/external-rss-reader/vulnerability/wordpress-silencesoft-rss-reader-plugin-0-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in W3S Cloud Technology W3SCloud Contact Form 7 to Zoho CRM allows Stored XSS. This issue affects W3SCloud Contact Form 7 to Zoho CRM: from n/a through 3.0. More...
Cross-Site Request Forgery (CSRF) vulnerability in Taraprasad Swain HTACCESS IP Blocker allows Stored XSS. This issue affects HTACCESS IP Blocker: from n/a through 1.0. More information : https://patchstack.com/database/wordpress/plugin/htaccess-ip-blocker/vulnerability/wordpress-htaccess-ip-blocker-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in NewsMAN NewsmanApp allows Stored XSS. This issue affects NewsmanApp: from n/a through 2.7.7. More information : https://patchstack.com/database/wordpress/plugin/newsmanapp/vulnerability/wordpress-newsmanapp-plugin-2-7-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Missing Authorization vulnerability in HaruTheme Frames allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Frames: from n/a through 1.5.7. More information : https://patchstack.com/database/wordpress/theme/frames/vulnerability/wordpress-frames-theme-1-5-7-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in wpshuffle WP Subscription Forms PRO allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Subscription Forms PRO: from n/a through 2.0.5. More information : https://patchstack.com/database/wordpress/plugin/wp-subscription-forms-pro/vulnerability/wordpress-wp-subscription-forms-pro-plugin-2-0-5-arbitrary-content-deletion-vulnerability?_s_id=cve
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in honzat Page Manager for Elementor allows Retrieve Embedded Sensitive Data. This issue affects Page Manager for Elementor: from n/a through 2.0.5. More...
Missing Authorization vulnerability in webmaniabr Nota Fiscal Eletrônica WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nota Fiscal Eletrônica WooCommerce: from n/a through 3.4.0.6. More information : https://patchstack.com/database/wordpress/plugin/nota-fiscal-eletronica-woocommerce/vulnerability/wordpress-nota-fiscal-eletronica-woocommerce-plugin-3-4-0-6-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in sharkthemes Smart Related Products allows Stored XSS. This issue affects Smart Related Products: from n/a through 2.0.5. More information : https://patchstack.com/database/wordpress/plugin/ai-related-products/vulnerability/wordpress-smart-related-products-plugin-2-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve
Server-Side Request Forgery (SSRF) vulnerability in bdthemes ZoloBlocks allows Server Side Request Forgery. This issue affects ZoloBlocks: from n/a through 2.3.9. More information : https://patchstack.com/database/wordpress/plugin/zoloblocks/vulnerability/wordpress-zoloblocks-plugin-2-3-9-server-side-request-forgery-ssrf-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in PickPlugins Job Board Manager allows DOM-Based XSS. This issue affects Job Board Manager: from n/a through 2.1.61. More information : https://patchstack.com/database/wordpress/plugin/job-board-manager/vulnerability/wordpress-job-board-manager-plugin-2-1-61-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Robin W bbp topic count allows DOM-Based XSS. This issue affects bbp topic count: from n/a through 3.1. More information : https://patchstack.com/database/wordpress/plugin/bbp-topic-count/vulnerability/wordpress-bbp-topic-count-plugin-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Jennifer Moss MWW Disclaimer Buttons allows Stored XSS. This issue affects MWW Disclaimer Buttons: from n/a through 3.41. More information : https://patchstack.com/database/wordpress/plugin/mww-disclaimer-buttons/vulnerability/wordpress-mww-disclaimer-buttons-plugin-3-41-cross-site-scripting-xss-vulnerability?_s_id=cve
Missing Authorization vulnerability in loopus WP Virtual Assistant allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Virtual Assistant: from n/a through 3.0. More information : https://patchstack.com/database/wordpress/plugin/virtualassistant/vulnerability/wordpress-wp-virtual-assistant-plugin-3-0-broken-access-control-vulnerability?_s_id=cve