About Alliance Leaderboard Vulnerability database WordPress security
Login

ptsfence

0
0
0
0
ptsfence
Alliance XP
0
Contributions
46
Contributions 46
Achievements Soon

Report WordPress vulnerabilities, earn prizes and become an Alliance member!

Join Patchstack Alliance

Plugin

GS Insever Portfolio <= 1.4.5 Auth. Broken Access Control vulnerability

+0 AXP

5.4

14.12.2022

Plugin

Add Multiple Marker <= 1.2 CrossSite Request Forgery (CSRF) vulnerability

5.4

11.11.2022

Plugin

Add Multiple Marker <= 1.2 Missing Access Control vulnerability

6.5

11.11.2022

Plugin

Activity Reactions For Buddypress <= 1.0.22 Broken Access Control vulnerability

4.3

11.11.2022

Plugin

Activity Reactions For Buddypress <= 1.0.22 CrossSite Request Forgery (CSRF) vulnerability

4.3

11.11.2022

Plugin

Testimonial Slider <= 1.3.1 CrossSite Request Forgery (CSRF) vulnerability

6.1

07.11.2022

Plugin

AFS Analytics <= 4.18 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

4.8

31.10.2022

Plugin

Restaurant Menu – Food Ordering System – Table Reservation <= 2.3.0 Missing Authorization on AJAX Actions vulnerability

6.3

31.10.2022

Plugin

Restaurant Menu – Food Ordering System – Table Reservation <= 2.3.1 CrossSite Request Forgery (CSRF) vulnerability

8.8

31.10.2022

Plugin

WP Bootstrap Gallery <= 1.1 Broken Access Control vulnerability

4.3

28.10.2022

Plugin

Zoho CRM Lead Magnet <= 1.7.6.1 Auth. Arbitrary Options Update vulnerability

8.8

27.10.2022

Plugin

Corona Virus (COVID-19) Banner & Live Data <= 1.7.0.6 19) Banner & Live Data plugin <= 1.7.0.6 CrossSite Request Forgery (CSRF) vulnerability

5.4

24.10.2022

Plugin

2kb Amazon Affiliates Store <= 2.1.5 Auth. Stored CrossSite Scripting (XSS) vulnerability

4.8

24.10.2022

Plugin

Account Manager for WooCommerce <= 2.0.19 Broken Access Control vulnerability

4.3

13.10.2022

Plugin

Accessibility <= 1.0.3 Auth. Stored CrossSite Scripting (XSS) vulnerability

4.8

12.10.2022

Plugin

AB Press Optimizer <= 1.1.1 Auth. Stored CrossSite Scripting (XSS) vulnerability

4.8

12.10.2022

Plugin

3com – Asesor de Cookies para normativa española <= 3.4.3 Auth. Stored CrossSite Scripting (XSS) vulnerability

+0 AXP

4.8

12.10.2022

Plugin

Optinly <= 1.0.15 CrossSite Request Forgery (CSRF) vulnerability

+0 AXP

5.4

12.10.2022

Plugin

Optinly <= 1.0.17 Broken Access Control vulnerability

+0 AXP

5.4

12.10.2022

Plugin

5 Anker Connect <= 1.2.6 Reflected CrossSite Scripting (XSS) vulnerability

4.8

12.10.2022

Plugin

SeoSamba for WordPress Webmasters <= 1.0.5 CrossSite Request Forgery (CSRF) vulnerability

5.4

10.10.2022

Plugin

Post Slider <= 1.6.7 Broken Access Control vulnerability

5.4

06.10.2022

Plugin

WZone – Lite Version <= 3.1 Lite CrossSite Request Forgery (CSRF) vulnerability

4.3

30.09.2022

Plugin

CPO Shortcodes <= 1.5.0 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

15.09.2022

Plugin

PCA Predict <= 1.0.3 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

12.09.2022

Plugin

Read more By Adam <= 1.1.8 CrossSite Request Forgery (CSRF) vulnerability

5.4

12.09.2022

Plugin

Add Shortcodes Actions And Filters <= 2.0.9 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

12.09.2022

Plugin

YDS Support Ticket System <= 1.0 CrossSite Request Forgery (CSRF) vulnerability

5.4

12.09.2022

Plugin

Culture Object <= 4.0.1 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

08.09.2022

Plugin

Contact Form By Mega Forms – Drag and Drop Form Builder <= 1.2.4 Authenticated Stored CrossSite Scripting (XSS) vulnerability

5.4

08.09.2022

Plugin

WP Shop <= 3.9.6 Unauthenticated Plugin Settings Change & Data Deletion vulnerabilities

6.5

31.08.2022

Plugin

add2fav <= 1.0 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

31.08.2022

Plugin

Add User Role <= 0.0.1 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

30.08.2022

Plugin

Access Code Feeder <= 1.0.3 CrossSite Request Forgery (CSRF) vulnerability

5.5

25.08.2022

Plugin

About Me <= 1.0.12 Broken Access Control vulnerability

7.6

25.08.2022

Plugin

About Rentals <= 1.5 Missing Access Control vulnerability

7.3

25.08.2022

Plugin

Accommodation System <= 1.0.1 Missing Access Control vulnerability

7.6

25.08.2022

Plugin

SEO Scout <= 0.9.83 CrossSite Request Forgery (CSRF) vulnerability

5.4

25.08.2022

Plugin

WC Marketplace <= 3.8.11.8 Unauthorized AJAX Calls Vulnerability

7.3

15.08.2022

Plugin

Notification Bar for WordPress <= 1.1.8 Unauthenticated Stored CrossSite Scripting (XSS) vulnerability

6.1

12.08.2022

Plugin

THE Leads Management System: 59sec LITE <= 3.4.1 Unauthenticated plugin settings change vulnerability

6.5

12.08.2022

Plugin

Alpine PhotoTile for Pinterest <= 1.3.1 Authenticated Stored CrossSite Scripting (XSS) vulnerability

4.8

12.08.2022

Plugin

AS – Create Pinterest Pinboard Pages <= 1.0 Authenticated plugin settings change leading to Stored CrossSite Scripting (XSS) vulnerability

5.4

10.08.2022

Plugin

ЮKassa для WooCommerce <= 2.3.0 CrossSite Request Forgery (CSRF) leading to plugin settings update

5.4

29.07.2022

Plugin

ЮKassa для WooCommerce <= 2.3.0 Authenticated Arbitrary Settings Update vulnerability

5.4

29.07.2022

Plugin

Content Mask <= 1.8.4 Arbitrary Options Update vulnerability

5.4

03.05.2022

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close