The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. This is due to the use…

The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general field parameters in versions up to, and including,…

The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. This makes it possible for unauthenticated…

The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the ‘question[id]’ parameter in versions up to, and including, 8.0.4…

The Quiz and Survey Master plugin for WordPress is vulnerable to iFrame Injection via the ‘question[id]’ parameter in versions up to, and including, 8.0.4 due…

The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the ‘file’ parameter which does not…

The Simple:Press plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 6.8 via the ‘file’ parameter which can be manipulated…

The Simple:Press plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘sforum_[md5 hash of the WordPress URL]’ cookie value in versions up to,…

The Simple:Press plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘postitem’ parameter manipulated during the profile-save action when modifying a profile signature…

The Simple:Press plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘postitem’ parameter manipulated during a forum response in versions up to, and…