For individuals

The Flower Delivery by Florist One plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'flower-delivery' shortcode in all versions up to, and...

The WP eCards plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ecard' shortcode in all versions up to, and including, 1.3.904 due to insufficient...

The TI WooCommerce Wishlist plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'wizard' function in all versions up to, and...

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.4.4 via the 'elementor-template' shortcode due...

The B Testimonial – testimonial plugin for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'b_testimonial' shortcode in all versions up to, and...

The Classic Addons – WPBakery Page Builder plugin for WordPress is vulnerable to Limited Local PHP File Inclusion in all versions up to, and including, 3.0 via the 'style' parameter. This...

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in various versions due to...

The Additional Custom Order Status for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the wfwp_wcos_delete_finished, wfwp_wcos_delete_fallback_finished,...

Double-Free Vulnerability in uD3TN BPv7 Caused by Malformed Endpoint Identifier allows remote attacker to reliably cause DoS

Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through...