| Page(s) : 1 ... 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 [1108] 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 ... | Result(s) : 327247 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-31 | CVE-2024-13218 | cve | The Fast Tube WordPress plugin through 2.3.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which co... |
| N/A | 2025-01-31 | CVE-2024-13219 | cve | The Privacy Policy Genius WordPress plugin through 2.0.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Script... |
| N/A | 2025-01-31 | CVE-2024-13220 | cve | The WordPress Google Map Professional (Map In Your Language) WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading... |
| N/A | 2025-01-31 | CVE-2024-13221 | cve | The Fantastic ElasticSearch WordPress plugin through 4.1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scri... |
| N/A | 2025-01-31 | CVE-2024-13222 | cve | The User Messages WordPress plugin through 1.2.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting whic... |
| N/A | 2025-01-31 | CVE-2024-13223 | cve | The Tabulate WordPress plugin through 2.10.3 does not sanitise and escape some parameters before outputting them back in the page, leading to a Reflected Cross-Site Scripting wh... |
| N/A | 2025-01-31 | CVE-2024-13224 | cve | The SlideDeck 1 Lite Content Slider WordPress plugin through 1.4.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-S... |
| N/A | 2025-01-31 | CVE-2024-13225 | cve | The ECT Home Page Products WordPress plugin through 1.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripti... |
| N/A | 2025-01-31 | CVE-2024-13226 | cve | The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripti... |
| 4.3 | 2025-01-31 | CVE-2024-13415 | cve | The Food Menu – Restaurant Menu & Online Ordering for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the response() f... |
| 4.3 | 2025-01-31 | CVE-2024-13424 | cve | The Ni Sales Commission For WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'niwoosc_ajax' AJAX endpoint... |
| 7.2 | 2025-01-31 | CVE-2024-13504 | cve | The Shared Files – Frontend File Upload Form & Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via dfxp File uploads in all versions up to,... |
| 4.3 | 2025-01-31 | CVE-2024-13717 | cve | The Contact Form and Calls To Action by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the vcita_ajax_toggle_... |
| 7.2 | 2025-01-31 | CVE-2025-0809 | cve | The Link Fixer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via broken links in all versions up to, and including, 3.4 due to insufficient input sanitizatio... |
| N/A | 2025-01-31 | CVE-2025-22216 | cve | A UAA configured with multiple identity zones, does not properly validate session information across those zones. A User authenticated against a corporate IDP can re-use their ... |
| 5.9 | 2025-01-31 | CVE-2024-13623 | cve | The Order Export for WooCommerce plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.24 via the 'uploads' dire... |
| 4.3 | 2025-01-31 | CVE-2024-13530 | cve | The Custom Login Page Styler – Limit Login Attempts – Restrict Content With Login – Redirect After Login – Change Login URL – Sign in , Sign out plugin for WordPress is vulnerab... |
| N/A | 2025-01-31 | CVE-2024-52875 | cve | An issue was discovered in GFI Kerio Control 9.2.5 through 9.4.5. The dest GET parameter passed to the /nonauth/addCertException.cs and /nonauth/guestConfirm.cs and /nonauth/exp... |
| N/A | 2025-01-31 | CVE-2024-53007 | cve | Bentley Systems ProjectWise Integration Server before 10.00.03.288 allows unintended SQL query execution by an authenticated user via an API call. |
| 6.4 | 2025-01-31 | CVE-2024-13157 | cve | The MP3 Audio Player – Music Player, Podcast Player & Radio by Sonaar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Podcast RSS Feed in all versions up t... |
| Page(s) : 1 ... 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 [1108] 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 ... | Result(s) : 327247 |
