| CVE-2023-2563 | WordPress Contact Forms by Cimatti <= 1.5.7 - Cross-Site Request Forgery via _accua_forms_form_edit_action | cimatti | Contact Forms by Cimatti | Medium | 4.3 | 2023-06-13 01:48:08 | Deep Dive |
| CVE-2023-0692 | Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via 'mf_payment_status' shortcode | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 4.3 | 2023-06-09 05:33:37 | Deep Dive |
| CVE-2023-1430 | FluentCRM - Marketing Automation For WordPress <= 2.8.01 - Insufficient Use of Hash as Authorization Control | techjewel | FluentCRM – Email Newsletter, Automation, Email Marketing, Email Campaigns, Optins, Leads, and CRM Solution | Medium | 6.5 | 2023-06-09 05:33:37 | Deep Dive |
| CVE-2023-2555 | WPCS – WordPress Currency Switcher Professional <= 1.1.9 - Missing Authorization to Custom Drop-Down Currency Switcher Creation | realmag777 | WPCS – WordPress Currency Switcher Professional | Medium | 4.3 | 2023-06-09 05:33:36 | Deep Dive |
| CVE-2023-2557 | WPCS – WordPress Currency Switcher Professional <= 1.1.9 - Missing Authorization to Arbitrary Custom Drop-Down Currency Switcher Editing | realmag777 | WPCS – WordPress Currency Switcher Professional | Medium | 4.3 | 2023-06-09 05:33:35 | Deep Dive |
| CVE-2023-0721 | Metform Elementor Contact Form Builder <= 3.3.0 - Unauthenticated CSV Injection | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | High | 8.3 | 2023-06-09 05:33:34 | Deep Dive |
| CVE-2023-2289 | wordpress vertical image slider plugin <= 1.2.16 - Reflected Cross-Site Scripting | nik00726 | Vertical Image Slider | Medium | 6.1 | 2023-06-09 05:33:34 | Deep Dive |
| CVE-2023-0292 | Quiz And Survey Master <= 8.0.8 - Cross-Site Request Forgery to Arbitrary Media Deletion | expresstech | Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker | Medium | 5.4 | 2023-06-09 05:33:33 | Deep Dive |
| CVE-2023-2558 | WPCS – WordPress Currency Switcher Professional <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | realmag777 | WPCS – WordPress Currency Switcher Professional | Medium | 6.4 | 2023-06-09 05:33:32 | Deep Dive |
| CVE-2023-2556 | WPCS – WordPress Currency Switcher Professional <= 1.1.9 - Missing Authorization to Arbitrary Custom Drop-Down Currency Switcher Deletion | realmag777 | WPCS – WordPress Currency Switcher Professional | Medium | 4.3 | 2023-06-09 05:33:31 | Deep Dive |
| CVE-2023-1889 | Directorist <= 7.5.4 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Post Deletion in listing_task | wpwax | Directorist: AI-Powered Business Directory, Listings & Classified Ads | Medium | 6.5 | 2023-06-09 05:33:29 | Deep Dive |
| CVE-2023-0708 | Metform Elementor Contact Form Builder <= 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via mf_first_name shortcode | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 5.4 | 2023-06-09 05:33:28 | Deep Dive |
| CVE-2023-2688 | WordPress File Upload / WordPress File Upload Pro <= 4.19.1 - Authenticated (Administrator+) Path Traversal | nickboss | Iptanus File Upload | Medium | 4.9 | 2023-06-09 05:33:27 | Deep Dive |
| CVE-2023-0691 | Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via mf_last_name shortcode | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 4.3 | 2023-06-09 05:33:24 | Deep Dive |
| CVE-2023-0710 | Metform Elementor Contact Form Builder <= 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via mf_thankyou shortcode | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 4.9 | 2023-06-09 05:33:24 | Deep Dive |
| CVE-2023-0688 | Metform Elementor Contact Form Builder <= 3.3.1 - Authenticated (Subscriber+) Information Disclosure via mf_thankyou shortcode | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 6.5 | 2023-06-09 05:33:23 | Deep Dive |
| CVE-2023-0291 | Quiz And Survey Master <= 8.0.8 - Unauthenticated Arbitrary Media Deletion | expresstech | Quiz and Survey Master (QSM) – Easy Quiz and Survey Maker | High | 7.2 | 2023-06-09 05:33:20 | Deep Dive |
| CVE-2023-1843 | Metform Elementor Contact Form Builder <= 3.3.0 - Missing Authorization | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 6.5 | 2023-06-09 05:33:19 | Deep Dive |
| CVE-2023-2414 | Online Booking & Scheduling Calendar for WordPress by vcita <= 4.4.6 - Missing Authorization to Settings Update and Arbitrary File Upload | vcita | Online Booking & Scheduling Calendar for WordPress by vcita | Medium | 5.4 | 2023-06-09 05:33:15 | Deep Dive |
| CVE-2023-0709 | Metform Elementor Contact Form Builder <= 3.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via mf_last_name shortcode | roxnor | MetForm – Contact Form, Survey, Quiz, & Custom Form Builder for Elementor | Medium | 5.4 | 2023-06-09 05:33:14 | Deep Dive |