The CRM and Lead Management by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ’email’ parameter in versions up to, and…

The CRM and Lead Management by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.6.2. This is…

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin,…

The Event Registration Calendar By vcita plugin, versions up to and including 3.9.1, and Online Payments – Get Paid with PayPal, Square & Stripe plugin,…

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability…

The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check…

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST ‘update_vk_blocks_options’ function in versions up to, and including, 1.57.0.5. This allows…

The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST ‘update_options’ function in versions up to, and including, 1.57.0.5. This allows…

Consul and Consul Enterprise’s cluster peering implementation contained a flaw whereby a peer cluster with service of the same name as a local service could…

The <code>Content-Security-Policy-Report-Only</code> header could allow an attacker to leak a child iframe’s unredacted URI when interaction with that iframe triggers a redirect. This vulnerability affects…