Unauthenticated Sensitive Data Exposure in Bookly <= 27.4 versions.
Unauthenticated Broken Access Control in Salon booking system <= 10.30.25 versions.
Unauthenticated SQL Injection in WP Data Access <= 5.5.70 versions.
Unauthenticated Broken Access Control in AI Product Search for WooCommerce – Motive Commerce Search <= 1.38.2 versions.
Unauthenticated Cross Site Scripting (XSS) in Simple Membership <= 4.7.2 versions.
Unauthenticated Bypass Vulnerability in Event Tickets <= 5.27.5 versions.
Custom role Path Traversal in WP Customer Area <= 8.3.4 versions.
Subscriber Sensitive Data Exposure in Contest Gallery <= 28.1.7 versions.
Subscriber Broken Access Control in Advanced Form Integration <= 1.126.12 versions.
Unauthenticated Cross Site Scripting (XSS) in Classified Listing <= 5.3.8 versions.
Unauthenticated Other Vulnerability Type in Contest Gallery <= 28.1.7 versions.
Subscriber Cross Site Scripting (XSS) in Contest Gallery <= 28.1.6 versions.
Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP <= 4.6.19 versions.
Subscriber Broken Access Control in Classified Listing <= 5.3.9 versions.
Unauthenticated Cross Site Scripting (XSS) in AutomatorWP <= 5.6.7 versions.
Unauthenticated Cross Site Scripting (XSS) in Favicon Rotator <= 1.2.11 versions.
Unauthenticated Broken Access Control in Classified Listing <= 5.3.8 versions.
Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions.
Unauthenticated Broken Authentication in CloudSecure WP Security <= 1.4.7 versions.
Unauthenticated SQL Injection in Order Delivery Date for WooCommerce <= 4.5.1 versions.