Plugin
Admin Management Xtended
Post Visibility/Date/Comment Status Update via CSRF vulnerability
6.3
20.06.2022
Plugin
Cache Images
Image Upload / Import via CrossSite Request Forgery (CSRF) vulnerability
4.3
20.06.2022
Plugin
WP Maintenance Mode & Coming Soon
Subscribed Users Deletion via CrossSite Request Forgery (CSRF) vulnerability
5.4
20.06.2022
Plugin
Shortcodes and extra features for Phlox theme
Reflected CrossSiteScripting (XSS) vulnerability
4.7
20.06.2022
Plugin
WP Event Manager
Reflected CrossSite Scripting (XSS) vulnerability
6.1
20.06.2022
Plugin
WooCommerce
Authenticated Stored HTML Injection vulnerability
4.8
20.06.2022
Plugin
Bold Page Builder
Authenticated Stored CrossSite Scripting (XSS) vulnerability
4.8
20.06.2022
Plugin
Very Simple Breadcrumb
Authenticated Stored CrossSite Scripting (XSS) vulnerability
4.8
20.06.2022
Plugin
LinkedIn Company Updates
Authenticated Stored CrossSite Scripting (XSS) vulnerability
4.8
20.06.2022
Plugin
WooCommerce PDF Invoices & Packing Slips
Reflected CrossSite Scripting (XSS) vulnerability
6.1
20.06.2022
Plugin
GiveWP
Reflected CrossSite Scripting (XSS) vulnerability
6.1
20.06.2022
Plugin
Cache Images
Authenticated SQL Injection (SQLi) vulnerability
7.4
17.06.2022
Plugin
Popup Builder
CrossSite Request Forgery (CSRF) vulnerability leading to Popup Status Change
5.4
17.06.2022
Plugin
GiveWP
Donor Information Disclosure vulnerability
5.3
17.06.2022
Plugin
Button Widget Smartsoft
CrossSite Request Forgery (CSRF) vulnerability to CrossSite Scripting (XSS)
8.8
16.06.2022
Plugin
Wbcom Designs – BuddyPress Group Reviews
Unauthorized AJAX Actions due to Nonce Bypass
8.8
16.06.2022
Plugin
Core plugin for Kitestudio themes
Reflected CrossSiteScripting (XSS) vulnerability
6.1
16.06.2022
Plugin
WP-Paginate
Authenticated Stored CrossSite Scripting (XSS) vulnerability
4.8
16.06.2022
Plugin
Social Media Share Buttons
Authenticated Stored CrossSite Scripting (XSS) vulnerability
3.4
16.06.2022
Plugin
Ninja Forms
Unauthenticated PHP Object Injection vulnerability
9.8
15.06.2022