AI-Powered CVE Analysis for WordPress Plugins

The Institutions Directory plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.3..4. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action.

The AppExperts plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with subscriber-level access and above, to append additional SQL queries into already…

The LazyTasks – Project & Task Management with Collaboration, Kanban and Gantt Chart plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.2.37. This makes it possible for unauthenticated attackers to elevate their privileges to that of an administrator.

The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lw_content_block' shortcode in all versions up to, and including, 3.1.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web…

The JobBank plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.2.3. This makes it possible for unauthenticated attackers to perform an unauthorized action.

The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to unauthorized modification or loss of data due to a missing capability check on the 'wedocs_user_documentation_handling_capabilities' function in all versions up to, and including, 2.1.16. This makes it possible for authenticated attackers, with Subscriber-level access and above, to…

The Hospital Doctor Directory plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.3.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to elevate their privileges to that of an administrator.

The Hospital Doctor Directory plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.3.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to perform an unauthorized action.

The ListingHub plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to perform an unauthorized action.

The Hospital Doctor Directory plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.3.9. This makes it possible for unauthenticated attackers to perform an unauthorized action.