The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the engtz_wd_save_dropship AJAX endpoint in al
The LTL Freight Quotes – Freightview Edition, LTL Freight Quotes – Daylight Edition and LTL Freight Quotes – Day & Ross Edition plugins for WordPress are vulnerable to Stored Cross-Site Scripting via
The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is vulnerable to Missing Authorization via the plugin's webhook handler in all versions up to, and including, 3.3.13. This is due to
The EPROLO Dropshipping plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wp_ajax_eprolo_delete_tracking and wp_ajax_eprolo_save_tracking
WordPress Plugin Baggage Freight Shipping Australia 0.1.0 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files by exploiting the upload-pa
The LearnDash LMS – Reports plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions (i.e. wrld_set_configuration, wrld_exclude_se
The GLS Shipping for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'failed_orders' parameter in all versions up to, and including, 1.4.0 due to insufficient
The WooCommerce UPS Shipping – Live Rates and Access Points plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_oauth_data function
The LLM Hubspot Blog Import plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'process_save_blogs' AJAX endpoint in all versions up to, a
The Import Export For WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the update_setting() function in all versions up to, and
The MIMO Woocommerce Order Tracking plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions in all versions up to, and including,
The Float Payment Gateway plugin for WordPress is vulnerable to unauthorized modification of data due to improper error handling in the verifyFloatResponse() function in all versions up to, and includ
The NitroPack plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the nitropack_set_compression_ajax() function in all versions up to, and incl
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the catch_lp_ajax function in all versions up to, and
The Simple Downloads List plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_neofix_sdl_edit' AJAX endpoint along with many other
The Bridge Core plugin for WordPress is vulnerable to unauthorized modification of data or loss of data due to a missing capability check on the 'import_action' and 'install_plugin_per_demo' functions
The Search, Filters & Merchandising for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wcis_save_email' endpoint in all v
The Payaza plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wp_ajax_nopriv_update_order_status' AJAX endpoint in all versions up to, an
The WordPress Comments Import & Export plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_settings function in all versions up to, an
The Woocommerce check pincode/zipcode for shipping plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to missing or incorrect non
Page 1+ Next →