Cross-Site Request Forgery (CSRF) vulnerability in Fastly Fastly allows Cross Site Request Forgery. This issue affects Fastly: from n/a through 1.2.28. More information : https://patchstack.com/database/wordpress/plugin/fastly/vulnerability/wordpress-fastly-plugin-1-2-28-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in Bage Flexible FAQ allows Cross Site Request Forgery. This issue affects Flexible FAQ: from n/a through 0.2. More information : https://patchstack.com/database/wordpress/plugin/flexible-faq/vulnerability/wordpress-flexible-faq-plugin-0-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in LIJE Show Pages List allows Cross Site Request Forgery. This issue affects Show Pages List: from n/a through 1.2.0. More information : https://patchstack.com/database/wordpress/plugin/show-pages-list/vulnerability/wordpress-show-pages-list-plugin-1-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Techeshta Card Elements for WPBakery allows DOM-Based XSS. This issue affects Card Elements for WPBakery: from n/a through 1.0.8. More information :...
Missing Authorization vulnerability in ONTRAPORT PilotPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PilotPress: from n/a through 2.0.35. More information : https://patchstack.com/database/wordpress/plugin/pilotpress/vulnerability/wordpress-pilotpress-plugin-2-0-35-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in Maidul Team Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Team Manager: from n/a through 2.3.14. More information : https://patchstack.com/database/wordpress/plugin/wp-team-manager/vulnerability/wordpress-team-manager-plugin-2-3-14-broken-access-control-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in Bytes.co WP Compiler allows Cross Site Request Forgery. This issue affects WP Compiler: from n/a through 1.0.0. More information : https://patchstack.com/database/wordpress/plugin/wp-compiler/vulnerability/wordpress-wp-compiler-plugin-1-0-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in wpo-HR NGG Smart Image Search allows Stored XSS. This issue affects NGG Smart Image Search: from n/a through 3.4.3. More information :...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Aum Watcharapon Designil PDPA Thailand allows Stored XSS. This issue affects Designil PDPA Thailand: from n/a through 2.0. More information : https://patchstack.com/database/wordpress/plugin/pdpa-thailand/vulnerability/wordpress-designil-pdpa-thailand-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve
Missing Authorization vulnerability in Sumit Singh Classic Widgets with Block-based Widgets allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Classic Widgets with Block-based Widgets: from n/a through 1.0.1. More information :...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in webvitaly Page-list allows Stored XSS. This issue affects Page-list: from n/a through 5.7. More information : https://patchstack.com/database/wordpress/plugin/page-list/vulnerability/wordpress-page-list-plugin-5-7-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Nextendweb Nextend Facebook Connect allows Stored XSS. This issue affects Nextend Facebook Connect : from n/a through 3.1.19. More information : https://patchstack.com/database/wordpress/plugin/nextend-facebook-connect/vulnerability/wordpress-nextend-facebook-connect-plugin-3-1-19-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Search Atlas Search Atlas SEO allows Stored XSS. This issue affects Search Atlas SEO: from n/a through 2.5.4. More information : https://patchstack.com/database/wordpress/plugin/metasync/vulnerability/wordpress-search-atlas-seo-plugin-2-5-4-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Jeroen Schmit Theater for WordPress allows Stored XSS. This issue affects Theater for WordPress: from n/a through 0.18.8. More information : https://patchstack.com/database/wordpress/plugin/theatre/vulnerability/wordpress-theater-for-wordpress-plugin-0-18-8-cross-site-scripting-xss-vulnerability?_s_id=cve