Unauthenticated Cross Site Scripting (XSS) in Product Filter Widget for Elementor <= 1.0.6 versions.
Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.7.2 versions.
Unauthenticated PHP Object Injection in EventPrime <= 4.3.2.1 versions.
Subscriber Cross Site Scripting (XSS) in EventPrime <= 4.3.2.1 versions.
Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend <= 1.18.0 versions.
Unauthenticated Sensitive Data Exposure in Bookly <= 27.4 versions.
Unauthenticated Broken Access Control in Salon booking system <= 10.30.25 versions.
Unauthenticated Broken Access Control in AI Product Search for WooCommerce – Motive Commerce Search <= 1.38.2 versions.
Custom role Path Traversal in WP Customer Area <= 8.3.4 versions.
Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.3.8 versions.
Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.6.7 versions.
Unauthenticated Cross Site Scripting (XSS) in Favicon Rotator <= 1.2.11 versions.
Unauthenticated Broken Authentication in CloudSecure WP Security <= 1.4.7 versions.
Unauthenticated Sensitive Data Exposure in Simply Schedule Appointments < 1.6.11.2 versions.
Unauthenticated Cross Site Scripting (XSS) in WP Time Slots Booking Form <= 1.2.46 versions.
Unauthenticated Sensitive Data Exposure in Amelia <= 2.2 versions.
Subscriber Broken Access Control in ChatBot <= 7.9.7 versions.
Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.0.0 versions.
Subscriber Broken Authentication in AutomatorWP <= 5.6.7 versions.
Unauthenticated Broken Authentication in ReviewX <= 2.3.6 versions.