| Page(s) : 1 ... 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 [1074] 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 ... | Result(s) : 301104 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-31 | CVE-2024-13221 | cve | The Fantastic ElasticSearch WordPress plugin through 4.1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scri... |
| N/A | 2025-01-31 | CVE-2024-13222 | cve | The User Messages WordPress plugin through 1.2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting whic... |
| N/A | 2025-01-31 | CVE-2024-13223 | cve | The Tabulate WordPress plugin through 2.10.3 does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting wh... |
| N/A | 2025-01-31 | CVE-2024-13224 | cve | The SlideDeck 1 Lite Content Slider WordPress plugin through 1.4.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-S... |
| N/A | 2025-01-31 | CVE-2024-13225 | cve | The ECT Home Page Products WordPress plugin through 1.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripti... |
| N/A | 2025-01-31 | CVE-2024-13226 | cve | The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripti... |
| 4.3 | 2025-01-31 | CVE-2024-13415 | cve | The Food Menu – Restaurant Menu & Online Ordering for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the response() f... |
| 4.3 | 2025-01-31 | CVE-2024-13424 | cve | The Ni Sales Commission For WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'niwoosc_ajax' AJAX endpoint... |
| 7.2 | 2025-01-31 | CVE-2024-13504 | cve | The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dfxp File uploads in all versions up to,... |
| 4.3 | 2025-01-31 | CVE-2024-13717 | cve | The Contact Form and Calls To Action by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_ajax_toggle_... |
| 7.2 | 2025-01-31 | CVE-2025-0809 | cve | The Link Fixer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via broken links in all versions up to, and including, 3.4 due to insufficient input sanitizatio... |
| N/A | 2025-01-31 | CVE-2025-22216 | cve | A UAA configured with multiple identity zones, does not properly validate session information across those zones. A User authenticated against a corporate IDP can re-use their ... |
| 5.9 | 2025-01-31 | CVE-2024-13623 | cve | The Order Export for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.24 via the 'uploads' dire... |
| 4.3 | 2025-01-31 | CVE-2024-13530 | cve | The Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect After Login – Change Login URL – Sign in , Sign out plugin for WordPress is vulnerab... |
| N/A | 2025-01-31 | CVE-2024-52875 | cve | An issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. The dest GET parameter passed to the /nonauth/addCertException.cs and /nonauth/guestConfirm.cs and /nonauth/exp... |
| N/A | 2025-01-31 | CVE-2024-53007 | cve | Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query execution by an authenticated user via an API call. |
| 6.4 | 2025-01-31 | CVE-2024-13157 | cve | The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Podcast RSS Feed in all versions up t... |
| 6.4 | 2025-01-31 | CVE-2024-13566 | cve | The WP DataTable plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 0.2.6 due to insufficient input s... |
| N/A | 2025-01-31 | CVE-2024-44055 | cve | Server-Side Request Forgery (SSRF) vulnerability in NotFound Oshine Modules. This issue affects Oshine Modules: from n/a through n/a. |
| N/A | 2025-01-31 | CVE-2025-22265 | cve | Missing Authorization vulnerability in mgplugin EMI Calculator allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects EMI Calculator: from n... |
| Page(s) : 1 ... 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 [1074] 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 ... | Result(s) : 301104 |
