Vulnerabilities
Stay ahead of the curve with our comprehensive coverage of WordPress plugin and theme vulnerabilities. Don’t let outdated software put your website at risk.
Critical Broken Access Control Vulnerability in WP Travel Plugin
A critical Broken Access Control vulnerability has been identified in the WP Travel plugin. This vulnerability could allow an unprivileged user to
Critical Broken Access Control Vulnerability in WooODT Lite Plugin
A critical Broken Access Control vulnerability has been identified in the WooODT Lite plugin. This vulnerability could allow an unprivileged user to
Critical Local File Inclusion Vulnerability in HTML filter and csv-file search Plugin
A critical Local File Inclusion (LFI) vulnerability has been identified in the HTML filter and csv-file search plugin. This vulnerability could allow
Critical Remote Code Execution Vulnerability in PHP to Page Plugin
A critical Remote Code Execution (RCE) vulnerability has been identified in the PHP to Page plugin. This vulnerability could allow a malicious
High-Severity XSS Vulnerability Found in Bonus for Woo Plugin
A Cross-Site Scripting (XSS) vulnerability has been found in the WordPress Bonus for Woo plugin version 7.1. This vulnerability could allow a
Critical Remote Code Execution Vulnerability in News & Blog Designer Pack – WordPress Blog Plugin Plugin
A critical Remote Code Execution (RCE) vulnerability has been identified in the WordPress News & Blog Designer Pack – WordPress Blog Plugin
Critical Arbitrary File Upload Vulnerability in Thumbnail Slider With Lightbox Plugin
A critical Arbitrary File Upload vulnerability has been identified in the Thumbnail Slider With Lightbox plugin. This vulnerability could allow a malicious
Bypass Vulnerability Detected in Admin and Site Enhancements (ASE) Plugin
A Bypass Vulnerability vulnerability has been discovered in the WordPress Admin and Site Enhancements (ASE) plugin. This vulnerability could allow a malicious
High-Severity Vulnerability Detected in My Shortcodes Plugin
A Broken Access Control vulnerability has been discovered in the WordPress My Shortcodes plugin. This vulnerability could allow an unprivileged user to
WordPress Custom My Account for Woocommerce Plugin Cross-Site Request Forgery (CSRF) Vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability has been discovered in the WordPress Custom My Account for Woocommerce plugin. This vulnerability could allow
High-Severity Vulnerability Detected in Download CloudNet360 Plugin
A Cross-Site Scripting (XSS) vulnerability has been discovered in the WordPress Download CloudNet360 plugin. This vulnerability could allow a malicious actor to
Critical Settings Change Vulnerability in Deeper Comments Plugin
A critical Settings Change vulnerability has been identified in the Deeper Comments plugin. This vulnerability could allow a malicious actor to change
Critical Broken Access Control Vulnerability in Security & Malware scan by CleanTalk Plugin
A critical Broken Access Control vulnerability has been identified in the Security & Malware scan by CleanTalk plugin. This vulnerability could allow
Critical XSS Vulnerability in Smart Online Order for Clover Plugin
A critical Cross-Site Scripting (XSS) vulnerability has been identified in the Smart Online Order for Clover plugin. This vulnerability could allow a
WordPress Advanced Local Pickup for WooCommerce Plugin SQL Injection Vulnerability
A SQL Injection vulnerability has been discovered in the WordPress Advanced Local Pickup for WooCommerce Plugin. This vulnerability could allow a malicious