📦 Wp Recall

The WP-Recall plugin for WordPress has a critical vulnerability that allows unauthenticated attackers to reset any user's password by supplying their email address during new order creation. This lead...

This SQL injection vulnerability in the WP-Recall WordPress plugin allows unauthenticated attackers to inject malicious SQL queries via the 'databeat' parameter. Attackers can extract sensitive inform...

This vulnerability in the WP-Recall WordPress plugin allows administrators to perform SQL injection attacks due to unsanitized parameter usage in SQL statements. It affects WordPress sites running WP-...

This vulnerability allows authenticated WordPress users with contributor-level access or higher to inject malicious scripts into website pages using the WP-Recall plugin's 'public-form' shortcode. The...

The WP-Recall plugin for WordPress has a missing capability check that allows unauthenticated attackers to delete arbitrary payment records. This affects all WordPress sites using WP-Recall plugin ver...