Filter

Automattic Newspack Popups WordpressWordPress Newspack Campaigns plugin <= 2.31.1 - Cross Site Scripting (XSS) vulnerability

First published (updated )

Automattic JetpackJetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API

8.8
First published (updated )

Automattic ActivitypubActivityPub for WordPress < 1.0.0 - Contributor+ Stored XSS

First published (updated )

Automattic Jetpack CrmJetpack CRM < 5.5 - Contributor+ Stored XSS

First published (updated )

Automattic Crowdsignal DashboardWordPress Crowdsignal Dashboard plugin <= 3.0.9 - Privilege Escalation vulnerability

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Automattic WoocommerceCode Injection

8.8
First published (updated )

CVE-2023-27429WordPress Jetpack CRM Plugin <= 5.4.4 is vulnerable to Cross Site Scripting (XSS)

First published (updated )

Automattic Sensei LmsSensei LMS < 4.24.2 - Unauthenticated Email Template Leak

7.5
EPSS
0.22%
First published (updated )

Automattic Woocommerce BookingsWordPress WooCommerce Bookings Plugin <= 2.0.3 is vulnerable to Cross Site Request Forgery (CSRF)

8.8
First published (updated )

Automattic JetpackXSS

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Automattic JetpackXSS

First published (updated )

Automattic Ghacitivity WordpressWordPress GHActivity plugin <= 2.0.0-alpha - Cross Site Scripting (XSS) vulnerability

First published (updated )

Automattic WoopaymentsWordPress WooCommerce Payments Plugin <= 6.6.2 is vulnerable to Insecure Direct Object References (IDOR)

7.5
First published (updated )

Automattic Woocommerce StripeWordPress WooCommerce Stripe Payment Gateway Plugin <= 7.6.1 is vulnerable to Insecure Direct Object References (IDOR)

First published (updated )

Automattic JetpackSQL Injection

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Automattic W3 Super CacheWordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-execution vulnerability which could…

8.8
First published (updated )

Automattic Wp Super CacheWordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability

First published (updated )

Automattic Wp Super CacheWordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution

8.8
First published (updated )

Automattic Wp Super CacheXSS

First published (updated )

Automattic VaultpressVaultPress Plugin MailPoet Plugin class.vaultpress-hotfixes.php protect_aioseo_ajax unrestricted upload

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Automattic JetpackThe Jetpack plugin before 1.9 before 1.9.4, 2.0.x before 2.0.9, 2.1.x before 2.1.4, 2.2.x before 2.2…

First published (updated )

Automattic AkismetXSS

First published (updated )

Automattic JetpackXSS

First published (updated )

Automattic GenericonsXSS

First published (updated )

Automattic VaultpressVaultPress Plugin code injection

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Automattic WoocommercePath Traversal

7.5
First published (updated )

Automattic CanvasBuffer Overflow

8.8
First published (updated )

Automattic Woocommerce BlocksArbitrary SQL (SQL injection) possible via the Store API component.

7.5
First published (updated )

Automattic JetpackJetpack < 9.8 - Carousel Module Non-Published Page/Post Attachment Comment Leak

First published (updated )

Automattic Wp Super CacheWP Super Cache < 1.7.3 - Authenticated Remote Code Execution

7.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203