Unauthenticated Insecure Direct Object References (IDOR) in VikRentCar <= 1.4.5 versions.

Subscriber SQL Injection in Taskbuilder <= 5.0.7 versions.

Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout <= 1.8.2 versions.

Unauthenticated Sensitive Data Exposure in Signature Add-On for WooCommerce <= 2.0 versions.

Unauthenticated Sensitive Data Exposure in Affiliates Manager <= 2.9.50 versions.

Customer Privilege Escalation in Dokan <= 5.0.2 versions.

Unauthenticated Path Traversal in Shared Files <= 1.7.64 versions.

Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce <= 3.1.4 versions.

Contributor Privilege Escalation in LatePoint <= 5.5.1 versions.

Subscriber Sensitive Data Exposure in Chatway Live Chat &#8211; AI Chatbot, Customer Support, FAQ &amp; Helpdesk Customer Service &amp; Chat Buttons <= 1.4.8 versions.

Unauthenticated Other Vulnerability Type in WP Travel Engine <= 6.7.10 versions.

Unauthenticated Broken Access Control in Knit Pay <= 9.4.0.0 versions.

Subscriber Sensitive Data Exposure in Coupon Affiliates <= 7.8.1 versions.

Unauthenticated Sensitive Data Exposure in Conekta Payment Gateway <= 6.0.0 versions.

Unauthenticated Broken Access Control in Hippoo Mobile App for WooCommerce <= 1.9.5 versions.

Unauthenticated Privilege Escalation in Listdom <= 5.5.0 versions.

Unauthenticated Arbitrary File Download in WPC Product Options for WooCommerce <= 3.2.1 versions.

Unauthenticated Sensitive Data Exposure in WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels <= 4.9.4 versions.

Unauthenticated Cross Site Scripting (XSS) in Drag and Drop Multiple File Upload – Contact Form 7 <= 1.3.9.7 versions.

Unauthenticated Broken Authentication in Really Simple SSL <= 9.5.10 versions.