About Alliance Leaderboard Vulnerability database WordPress security
Login

ptsfence

0
0
0
0
ptsfence
Alliance XP
0
Contributions
46
Contributions 46
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

Plugin

GS Insever Portfolio <= 1.4.5 Auth. Broken Access Control vulnerability

+0 AXP

5.4

14 December, 2022

Plugin

Add Multiple Marker <= 1.2 CrossSite Request Forgery (CSRF) vulnerability

5.4

11 November, 2022

Plugin

Add Multiple Marker <= 1.2 Missing Access Control vulnerability

6.5

11 November, 2022

Plugin

Activity Reactions For Buddypress <= 1.0.22 Broken Access Control vulnerability

4.3

11 November, 2022

Plugin

Activity Reactions For Buddypress <= 1.0.22 CrossSite Request Forgery (CSRF) vulnerability

+0 AXP

4.3

11 November, 2022

Plugin

Testimonial Slider <= 1.3.1 CrossSite Request Forgery (CSRF) vulnerability

+0 AXP

6.1

7 November, 2022

Plugin

AFS Analytics <= 4.20 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

4.8

31 October, 2022

Plugin

Restaurant Menu – Food Ordering System – Table Reservation <= 2.3.0 Missing Authorization on AJAX Actions vulnerability

6.3

31 October, 2022

Plugin

Restaurant Menu – Food Ordering System – Table Reservation <= 2.3.1 CrossSite Request Forgery (CSRF) vulnerability

8.8

31 October, 2022

Plugin

WP Bootstrap Gallery <= 1.1 Broken Access Control vulnerability

4.3

28 October, 2022

Plugin

Zoho CRM Lead Magnet <= 1.7.6.1 Auth. Arbitrary Options Update vulnerability

8.8

27 October, 2022

Plugin

Corona Virus (COVID-19) Banner & Live Data <= 1.7.0.6 19) Banner & Live Data plugin <= 1.7.0.6 CrossSite Request Forgery (CSRF) vulnerability

5.4

24 October, 2022

Plugin

2kb Amazon Affiliates Store <= 2.1.5 Auth. Stored CrossSite Scripting (XSS) vulnerability

4.8

24 October, 2022

Plugin

Account Manager for WooCommerce <= 2.0.19 Broken Access Control vulnerability

4.3

13 October, 2022

Plugin

Accessibility <= 1.0.3 Auth. Stored CrossSite Scripting (XSS) vulnerability

4.8

12 October, 2022

Plugin

AB Press Optimizer <= 1.1.1 Auth. Stored CrossSite Scripting (XSS) vulnerability

4.8

12 October, 2022

Plugin

3com – Asesor de Cookies para normativa española <= 3.4.3 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

4.8

12 October, 2022

Plugin

Optinly <= 1.0.15 CrossSite Request Forgery (CSRF) vulnerability

+0 AXP

5.4

12 October, 2022

Plugin

Optinly <= 1.0.17 Broken Access Control vulnerability

+0 AXP

5.4

12 October, 2022

Plugin

5 Anker Connect <= 1.2.6 Reflected CrossSite Scripting (XSS) vulnerability

4.8

12 October, 2022

Plugin

SeoSamba for WordPress Webmasters <= 1.0.5 CrossSite Request Forgery (CSRF) vulnerability

5.4

10 October, 2022

Plugin

Post Slider <= 1.6.7 Broken Access Control vulnerability

5.4

6 October, 2022

Plugin

WZone – Lite Version <= 3.1 Lite CrossSite Request Forgery (CSRF) vulnerability

4.3

30 September, 2022

Plugin

CPO Shortcodes <= 1.5.0 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

15 September, 2022

Plugin

PCA Predict <= 1.0.3 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

12 September, 2022

Plugin

Read more By Adam <= 1.1.8 CrossSite Request Forgery (CSRF) vulnerability

5.4

12 September, 2022

Plugin

Add Shortcodes Actions And Filters <= 2.0.9 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

12 September, 2022

Plugin

YDS Support Ticket System <= 1.0 CrossSite Request Forgery (CSRF) vulnerability

5.4

12 September, 2022

Plugin

Culture Object <= 4.0.1 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

8 September, 2022

Plugin

Contact Form By Mega Forms – Drag and Drop Form Builder <= 1.2.4 Authenticated Stored CrossSite Scripting (XSS) vulnerability

5.4

8 September, 2022

Plugin

WP Shop <= 3.9.6 Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities

6.5

31 August, 2022

Plugin

add2fav <= 1.0 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

31 August, 2022

Plugin

Add User Role <= 0.0.1 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

30 August, 2022

Plugin

Access Code Feeder <= 1.0.3 CrossSite Request Forgery (CSRF) vulnerability

5.5

25 August, 2022

Plugin

About Me <= 1.0.12 Broken Access Control vulnerability

7.6

25 August, 2022

Plugin

About Rentals <= 1.5 Missing Access Control vulnerability

7.3

25 August, 2022

Plugin

Accommodation System <= 1.0.1 Missing Access Control vulnerability

7.6

25 August, 2022

Plugin

SEO Scout <= 0.9.83 CrossSite Request Forgery (CSRF) vulnerability

5.4

25 August, 2022

Plugin

WC Marketplace <= 3.8.11.8 Unauthorized AJAX Calls Vulnerability

7.3

15 August, 2022

Plugin

Notification Bar for WordPress <= 1.1.8 Unauthenticated Stored CrossSite Scripting (XSS) vulnerability

6.1

12 August, 2022

Plugin

THE Leads Management System: 59sec LITE <= 3.4.1 Unauthenticated plugin settings change vulnerability

6.5

12 August, 2022

Plugin

Alpine PhotoTile for Pinterest <= 1.3.1 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

12 August, 2022

Plugin

AS – Create Pinterest Pinboard Pages <= 1.0 Authenticated plugin settings change leading to Stored CrossSite Scripting (XSS) vulnerability

5.4

10 August, 2022

Plugin

ЮKassa для WooCommerce <= 2.3.0 CrossSite Request Forgery (CSRF) leading to plugin settings update

5.4

29 July, 2022

Plugin

ЮKassa для WooCommerce <= 2.3.0 Authenticated Arbitrary Settings Update vulnerability

5.4

29 July, 2022

Plugin

Content Mask <= 1.8.4 Arbitrary Options Update vulnerability

5.4

3 May, 2022

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close