The Shelf Planner plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several REST API endpoints in all versions up to, and including, 2.8.1. T
The Shelf Planner plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.1 through publicly exposed log files. This makes it possible for unauth
The Booking Calendar for Appointments and Service Businesses – Booktics plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'Extension_Cont
The Appointment Booking Calendar Plugin – Bookr plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update-appointment REST API endpoint in
The Booking Calendar for Appointments and Service Businesses – Booktics plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple REST API endpoin
The PGS Core plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to a missing capability check on multiple functions in all versions up to, and including, 5.8
The Block Editor Gallery Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the classic_gallery_slider_options() function in all versio
The Web and WooCommerce Addons for WPBakery Builder plugin for WordPress is vulnerable to unauthorized plugin settings modification due to a missing capability check on several plugin functions in all
The Listar – Directory Listing & Classifieds WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/wp-json/listar/v1/place
The Bridge Core plugin for WordPress is vulnerable to unauthorized modification of data or loss of data due to a missing capability check on the 'import_action' and 'install_plugin_per_demo' functions
The TI WooCommerce Wishlist plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wizard' function in all versions up to, and including, 2.9
The Search, Filters & Merchandising for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcis_save_email' endpoint in all v
The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_neofix_sdl_edit' AJAX endpoint along with many other
The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Content Access Rules REST API endpoints in versions
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to modification of data in all versions up to, and including, 4.2.9.2. This is due to missing capability checks on the Admin To
The Check Plagiarism plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the chk_plag_mine_plugin_wpse10500_admin_action() function in all vers
The Business Directory Plugin for WordPress is vulnerable to authorization bypass due to a missing authorization check in all versions up to, and including, 6.4.20. This makes it possible for unauthen
The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_handle_api_key_actions function in all versions up to, and in
The RepairBuddy – Repair Shop CRM & Booking Plugin for WordPress plugin for WordPress is vulnerable to Insecure Direct Object Reference due to missing capability checks on the wc_upload_and_save_signa
The Booking Calendar and Notification plugin for WordPress is vulnerable to unauthorized access, modification, and loss of data due to missing capability checks on the wpcb_all_bookings(), wpcb_update
Page 1+ Next →