Clik here to view.
Critical Vulnerability In InfiniteWP Client And WP Time Capsule
WordPress InfiniteWP Client Plugin Bypass Vulnerability WordPress Backup and Staging by WP Time Capsule Plugin Bypass Vulnerability Not too long ago an authentication bypass vulnerability in the...
View ArticleClik here to view.
Critical Privilege Escalation in HT Mega Plugin Affecting 100k+ Sites
HT Mega Unauthenticated Privilege Escalation This blog post is about the HT Mega plugin critical vulnerability. If you're a HT Mega user, please update the plugin to at least version 2.2.1. Patchstack...
View ArticleClik here to view.
Authenticated RCE in JetElements For Elementor Plugin
JetElements For Elementor Authenticated (Contributor+) Remote Code Execution This blog post is about the JetElements For Elementor plugin vulnerability. If you're a JetElements For Elementor user,...
View ArticleClik here to view.
Critical Vulnerabilities Patched in Jupiter X Core Plugin
Jupiter X Core Unauthenticated Arbitrary File Upload Jupiter X Core Unauthenticated Account Takeover This blog post is about the Jupiter X Core plugin vulnerability. If you're a Jupiter X user, please...
View ArticleClik here to view.
Critical Arbitrary File Upload Patched in Forminator Plugin
Forminator Unauthenticated Arbitrary File Upload This security advisory is written about a critical Forminator vulnerability initially disclosed by MEHMET KELEPÇE. Patchstack users have received a...
View ArticleClik here to view.
Pre-Auth Arbitrary File Upload in User Submitted Posts Plugin
User Submitted Posts Unauthenticated Arbitrary File Upload This blog post is about the User Submitted Posts plugin vulnerability. If you're a User Submitted Posts user, please update the plugin to at...
View ArticleClik here to view.
Critical Vulnerability in Elementor Affecting 5+ Million Websites
Elementor Contributor+ Arbitrary File Upload The vulnerability in Elementor was originally reported by Hồng Quân (luk6785 at VNPT-VCI) to our alliance program. We are collaborating with the researcher...
View ArticleClik here to view.
Critical SQL Injection Found in Porto Theme's Plugin
This blog post is about the Porto Theme's plugin vulnerability. If you're a Porto Theme user, please update the plugin to at least version 2.12.1. You can sign up for the Patchstack Community plan to...
View ArticleClik here to view.
AI Engine Plugin Affected by Critical Vulnerability
AI Engine Unauthenticated Arbitrary File Upload This blog post is about an AI Engine plugin vulnerability. If you're an AI Engine user, please update the plugin to at least version 1.9.99. You can...
View ArticleClik here to view.
Critical Vulnerability Found in GOTMLS Plugin
GOTMLS Unauthenticated Predictable Nonce Brute-Force Leading to RCE The vulnerability in the GOTMLS plugin was originally reported by stealthcopter to the Patchstack bug bounty program for WordPress....
View ArticleClik here to view.
Critical Vulnerabilities Patched in WordPress Automatic Plugin
Automatic Unauthenticated Arbitrary SQL Execution Automatic Unauthenticated Arbitrary File Download and SSRF This blog post is about the Automatic plugin vulnerabilities. If you're an Automatic user,...
View ArticleClik here to view.
Critical Vulnerabilities Patched in REHub Theme and Plugin
REHub Theme Unauthenticated Local File Inclusion REHub Theme Subscriber+ SQL Injection REHub Framework Plugin Subscriber+ SQL Injection This blog post is about the REHub theme and plugin...
View Article
