The StaffList plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.2.3. This is due to missing or incorrect nonce validation on the 'stafflist' page
The StaffList plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escapin
The Resource Library for Logged In Users plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing nonce validation on multiple
The ShopSite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.10. This is due to missing or incorrect nonce validation on a function. This mak
The WordPress Automatic Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.118.0. This is due to missing or incorrect nonce validation on o
The Amazon Scraper plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on a function. This
The Visit Counter plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the widgets.php page. This makes it possible
The WIP Incoming Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation on the save_opt
The Mailchimp List Subscribe Form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation on
The Stop Spammers Classic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2026.1. This is due to missing nonce validation in the ss_addtoallowlis
The Wishlist for WooCommerce: Multi Wishlists Per Customer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.1.7. This is due to missing or incor
The Coding Blocks plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing nonce validation on the settings update functiona
The Custom Login And Signup Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation in t
The Moderate Selected Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing nonce verification on the msp_admin_page(
The AuthorSure plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.3. This is due to missing or incorrect nonce validation on the 'authorsure' page
The OPEN-BRAIN plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.0. This is due to missing nonce verification on the settings form in the func_
The Newsletter Email Subscribe plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.4. This is due to incorrect nonce validation on the nels_settings_pa
The Simple add pages or posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.0. This is due to missing or incorrect nonce validation. This m
The WPC Order Notes for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.2. This is due to missing or incorrect nonce validation o
The Latest Tabs plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the settings update
Page 1+ Next →