Missing Authorization vulnerability in Kommo Website Chat Button: Kommo integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Website Chat Button: Kommo integration: from n/a through 1.3.1. More information : https://patchstack.com/database/wordpress/plugin/website-chat-button-kommo-integration/vulnerability/wordpress-website-chat-button-kommo-integration-plugin-1-3-1-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in CridioStudio ListingPro Reviews allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ListingPro Reviews: from n/a through 1.6. More information : https://patchstack.com/database/wordpress/plugin/listingpro-reviews/vulnerability/wordpress-listingpro-reviews-plugin-1-6-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in VibeThemes WPLMS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPLMS : from n/a through 4.970. More information : https://patchstack.com/database/wordpress/theme/wplms/vulnerability/wordpress-wplms-theme-4-970-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Modern Minds Magento 2 WordPress Integration allows Stored XSS. This issue affects Magento 2 WordPress Integration: from n/a through 1.4.1. More information...
Cross-Site Request Forgery (CSRF) vulnerability in EdwardBock Grid allows Stored XSS. This issue affects Grid: from n/a through 2.3.1. More information : https://patchstack.com/database/wordpress/plugin/grid/vulnerability/wordpress-grid-plugin-2-3-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Proof Factor LLC Proof Factor – Social Proof Notifications allows Stored XSS. This issue affects Proof Factor – Social Proof Notifications: from...
Use of Hard-coded Credentials vulnerability in Essekia Helpie FAQ allows Retrieve Embedded Sensitive Data. This issue affects Helpie FAQ: from n/a through 1.39. More information : https://patchstack.com/database/wordpress/plugin/helpie-faq/vulnerability/wordpress-helpie-faq-plugin-1-39-sensitive-data-exposure-vulnerability?_s_id=cve
Missing Authorization vulnerability in brandexponents Oshine Core allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Oshine Core: from n/a through 1.5.5. More information : https://patchstack.com/database/wordpress/plugin/oshine-core/vulnerability/wordpress-oshine-core-plugin-1-5-5-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in eZee Technosys eZee Online Hotel Booking Engine allows Stored XSS. This issue affects eZee Online Hotel Booking Engine: from n/a through 1.0.0....
Deserialization of Untrusted Data vulnerability in awesomesupport Awesome Support allows Object Injection. This issue affects Awesome Support: from n/a through 6.3.4. More information : https://patchstack.com/database/wordpress/plugin/awesome-support/vulnerability/wordpress-awesome-support-plugin-6-3-4-deserialization-of-untrusted-data-vulnerability?_s_id=cve
Missing Authorization vulnerability in Themeum Qubely allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Qubely: from n/a through 1.8.14. More information : https://patchstack.com/database/wordpress/plugin/qubely/vulnerability/wordpress-qubely-plugin-1-8-14-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Michel – xiligroup dev xili-language allows DOM-Based XSS. This issue affects xili-language: from n/a through 2.21.3. More information : https://patchstack.com/database/wordpress/plugin/xili-language/vulnerability/wordpress-xili-language-plugin-2-21-3-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Mattia Roccoberton Category Featured Images allows Stored XSS. This issue affects Category Featured Images: from n/a through 1.1.8. More information : https://patchstack.com/database/wordpress/plugin/category-featured-images/vulnerability/wordpress-category-featured-images-plugin-1-1-8-cross-site-scripting-xss-vulnerability?_s_id=cve
Use of Hard-coded Credentials vulnerability in Risto Niinemets Estonian Shipping Methods for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects Estonian Shipping Methods for WooCommerce: from n/a through 1.7.2. More information : https://patchstack.com/database/wordpress/plugin/estonian-shipping-methods-for-woocommerce/vulnerability/wordpress-estonian-shipping-methods-for-woocommerce-plugin-1-7-2-sensitive-data-exposure-vulnerability?_s_id=cve