Cross-Site Request Forgery (CSRF) vulnerability in César Martín TOCHAT.BE allows Cross Site Request Forgery. This issue affects TOCHAT.BE: from n/a through 1.3.4. More information : https://patchstack.com/database/wordpress/plugin/tochat-be/vulnerability/wordpress-tochat-be-plugin-1-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in WP-EXPERTS.IN Sales Count Manager for WooCommerce allows Stored XSS. This issue affects Sales Count Manager for WooCommerce: from n/a through 2.5. More...
Cross-Site Request Forgery (CSRF) vulnerability in Amin Y AgreeMe Checkboxes For WooCommerce allows Cross Site Request Forgery. This issue affects AgreeMe Checkboxes For WooCommerce: from n/a through 1.1.3. More information : https://patchstack.com/database/wordpress/plugin/agreeme-checkboxes-for-woocommerce/vulnerability/wordpress-agreeme-checkboxes-for-woocommerce-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in epeken Epeken All Kurir allows Stored XSS. This issue affects Epeken All Kurir: from n/a through 2.0.2. More information : https://patchstack.com/database/wordpress/plugin/epeken-all-kurir/vulnerability/wordpress-epeken-all-kurir-plugin-2-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve
Missing Authorization vulnerability in Heureka Group Heureka allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Heureka: from n/a through 1.1.0. More information : https://patchstack.com/database/wordpress/plugin/heureka/vulnerability/wordpress-heureka-plugin-1-1-0-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in ProWCPlugins Product Time Countdown for WooCommerce allows Stored XSS. This issue affects Product Time Countdown for WooCommerce: from n/a through 1.6.4. More...
Missing Authorization vulnerability in Rouergue Création Editor Custom Color Palette allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Editor Custom Color Palette: from n/a through 3.4.8. More information : https://patchstack.com/database/wordpress/plugin/editor-custom-color-palette/vulnerability/wordpress-editor-custom-color-palette-plugin-3-4-8-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Jose Vega WP Frontend Admin allows Stored XSS. This issue affects WP Frontend Admin: from n/a through 1.22.6. More information : https://patchstack.com/database/wordpress/plugin/display-admin-page-on-frontend/vulnerability/wordpress-wp-frontend-admin-plugin-1-22-6-cross-site-scripting-xss-vulnerability?_s_id=cve
Missing Authorization vulnerability in AresIT WP Compress allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WP Compress: from n/a through 6.50.54. More information : https://patchstack.com/database/wordpress/plugin/wp-compress-image-optimizer/vulnerability/wordpress-wp-compress-plugin-6-50-54-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Ataur R GutenKit allows Stored XSS. This issue affects GutenKit: from n/a through 2.4.2. More information : https://patchstack.com/database/wordpress/plugin/gutenkit-blocks-addon/vulnerability/wordpress-gutenkit-plugin-2-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in DAEXT Import Markdown allows Stored XSS. This issue affects Import Markdown: from n/a through 1.14. More information : https://patchstack.com/database/wordpress/plugin/import-markdown/vulnerability/wordpress-import-markdown-plugin-1-14-cross-site-scripting-xss-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in Md Taufiqur Rahman RIS Version Switcher – Downgrade or Upgrade WP Versions Easily allows Cross Site Request Forgery. This issue affects RIS Version Switcher – Downgrade or Upgrade...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in WPSuperiors Developer WooCommerce Additional Fees On Checkout (Free) allows Stored XSS. This issue affects WooCommerce Additional Fees On Checkout (Free): from n/a...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in webvitaly Login-Logout allows Stored XSS. This issue affects Login-Logout: from n/a through 3.8. More information : https://patchstack.com/database/wordpress/plugin/login-logout/vulnerability/wordpress-login-logout-plugin-3-8-cross-site-scripting-xss-vulnerability?_s_id=cve