The AI Feeds plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check in the 'actualizador_git.php' file in all versions up to, and including, 1.0.11. This makes it
The LWSCache plugin for WordPress is vulnerable to unauthorized modification of data due to improper authorization on the lwscache_activatePlugin() function in all versions up to, and including, 2.8.5
The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, ChatGPT ChatBot & AI Toolkit plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a miss
The LearnDash LMS – Reports plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions (i.e. wrld_set_configuration, wrld_exclude_se
The weDocs plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.1.14. This is due to the plugin not properly verifying that a user is authorized to perform
The Features plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'features_revert_option AJAX endpoint in all versions up to, and including
The KiotViet Sync plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveConfig() function in all versions up to, and including, 1.8.5. Th
The Splitit plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on several functions in the 'splitIt-flexfields-payment-gateway.php' file in all ve
The Secufor_OAuth plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.0.7. This is due to the plugin not properly verifying that a user is authorized to p
The AI Engine plugin for WordPress is vulnerable to open redirect in version 2.8.4. This is due to an insecure OAuth implementation, as the 'redirect_uri' parameter is missing validation during the au
The All in One SEO – Powerful SEO Plugin to Boost SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the `/aioseo/v1
The Read more By Adam plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the deleteRm() function in all versions up to, and including, 1.1.8. This mak
The Comments – wpDiscuz plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.6.24. This is due to insufficient verification on the user being returned by
The User Feedback – Create Interactive Feedback Form, User Surveys, and Polls in Seconds plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the `may
The Uncanny Automator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in versions up to, and including, 6.4.0.2. Th
The Check Plagiarism plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the chk_plag_mine_plugin_wpse10500_admin_action() function in all vers
The Payaza plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_nopriv_update_order_status' AJAX endpoint in all versions up to, an
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check o
The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the hs_update_ai_chat_settings() and hive_lite_support_get_all_
The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Zotpress_process_accounts_AJAX function in all versions up to, and includi