Cross-Site Request Forgery (CSRF) vulnerability in flyaga Fix Rss Feeds fix-rss-feed allows Cross Site Request Forgery.This issue affects Fix Rss Feeds: from n/a through <= 3.1.

Cross-Site Request Forgery (CSRF) vulnerability in iiiryan WordPres 同步微博 wp2wb allows Stored XSS.This issue affects WordPres 同步微博: from n/a through <= 1.1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Z.com byGMO GMO Font Agent gmo-font-agent allows Stored XSS.This issue affects GMO Font Agent: from n/a through <= 1.6.

Cross-Site Request Forgery (CSRF) vulnerability in Donald Gilbert WordPress Admin Bar Improved wordpress-admin-bar-improved allows Stored XSS.This issue affects WordPress Admin Bar Improved: from n/a through <= 3.3.5.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in smartredfox Pretty file links pretty-file-links allows Stored XSS.This issue affects Pretty file links: from n/a through <= 0.9.

Cross-Site Request Forgery (CSRF) vulnerability in WPShop.ru CallPhone'r callphoner allows Stored XSS.This issue affects CallPhone'r: from n/a through <= 1.1.1.

Cross-Site Request Forgery (CSRF) vulnerability in Yummly Yummly Rich Recipes yummly-rich-recipes allows Cross Site Request Forgery.This issue affects Yummly Rich Recipes: from n/a through <= 4.2.

Cross-Site Request Forgery (CSRF) vulnerability in boroV Cackle cackle allows Cross Site Request Forgery.This issue affects Cackle: from n/a through <= 4.33.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pixeline issuuPress issuupress allows Stored XSS.This issue affects issuuPress: from n/a through <= 1.3.2.

Missing Authorization vulnerability in swayam.tejwani Menu Duplicator copy-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Menu Duplicator: from n/a through <= 1.0.

Cross-Site Request Forgery (CSRF) vulnerability in wpsolutions SoundCloud Ultimate soundcloud-ultimate allows Cross Site Request Forgery.This issue affects SoundCloud Ultimate: from n/a through <= 1.5.

Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Info Boxes Shortcode and Widget info-boxes-shortcode-and-widget allows Cross Site Request Forgery.This issue affects Info Boxes Shortcode and Widget: from n/a through <= 1.15.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in avaibook AvaiBook avaibook allows Stored XSS.This issue affects AvaiBook: from n/a through <= 1.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Benedikt Mo BMo Expo bmo-expo allows Stored XSS.This issue affects BMo Expo: from n/a through <= 1.0.15.

Cross-Site Request Forgery (CSRF) vulnerability in ChrisHurst Simple Optimizer simple-optimizer allows Cross Site Request Forgery.This issue affects Simple Optimizer: from n/a through <= 1.2.7.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristian Sarov Upload Quota per User upload-quota-per-user allows Stored XSS.This issue affects Upload Quota per User: from n/a through <= 1.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zeitwesentech Beautiful Link Preview beautiful-link-preview allows Stored XSS.This issue affects Beautiful Link Preview: from n/a through <= 1.5.0.

Cross-Site Request Forgery (CSRF) vulnerability in muro External image replace external-image-replace allows Cross Site Request Forgery.This issue affects External image replace: from n/a through <= 1.0.8.

Cross-Site Request Forgery (CSRF) vulnerability in captcha.soft Image Captcha image-captcha allows Cross Site Request Forgery.This issue affects Image Captcha: from n/a through <= 1.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Message ticker message-ticker allows Stored XSS.This issue affects Message ticker: from n/a through <= 9.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MorganF Weather Layer weather-layer allows Stored XSS.This issue affects Weather Layer: from n/a through <= 4.2.1.

Cross-Site Request Forgery (CSRF) vulnerability in GBS Developer WP Ride Booking wp-ride-booking allows Cross Site Request Forgery.This issue affects WP Ride Booking: from n/a through <= 2.4.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Atikul AI Preloader ai-preloader allows Stored XSS.This issue affects AI Preloader: from n/a through <= 1.0.2.

Cross-Site Request Forgery (CSRF) vulnerability in Sébastien Dumont Auto Load Next Post auto-load-next-post allows Cross Site Request Forgery.This issue affects Auto Load Next Post: from n/a through <= 1.5.14.

Cross-Site Request Forgery (CSRF) vulnerability in wpshopee Awesome Logos awesome-logos allows SQL Injection.This issue affects Awesome Logos: from n/a through <= 1.2.