| Page(s) : 1 ... 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 [1440] 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 ... | Result(s) : 328771 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.3 | 2024-12-21 | CVE-2024-11977 | cve | The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.4.10. Th... |
| 6.4 | 2024-12-21 | CVE-2024-11196 | cve | The Multi-column Tag Map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mctagmap shortcode in all versions up to, and including, 17.0.33... |
| 6.1 | 2024-12-21 | CVE-2024-11287 | cve | The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up t... |
| 6.1 | 2024-12-21 | CVE-2024-11682 | cve | The G Web Pro Store Locator plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'q' parameter in all versions up to, and including, 2.1 due to... |
| 6.4 | 2024-12-21 | CVE-2024-11938 | cve | The One Click Upsell Funnel for WooCommerce – Funnel Builder for WordPress, Create WooCommerce Upsell, Post-Purchase Upsell & Cross Sell Offers that Boost Sales & Increase Prof... |
| 6.1 | 2024-12-21 | CVE-2024-11975 | cve | The Reactflow Visitor Recording and Heatmaps plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.10. This is due to missin... |
| 8.8 | 2024-12-21 | CVE-2024-12066 | cve | The SMSA Shipping(official) plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the smsa_delete_label() function in all ver... |
| 6.1 | 2024-12-21 | CVE-2024-12262 | cve | The Ebook Store plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'step' parameter in all versions up to, and including, 5.8001 due to insuf... |
| 6.5 | 2024-12-21 | CVE-2024-12635 | cve | The WP Docs plugin for WordPress is vulnerable to time-based SQL Injection via the 'dir_id' parameter in all versions up to, and including, 2.2.0 due to insufficient e... |
| 6.4 | 2024-12-21 | CVE-2024-12697 | cve | The real.Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.1.1 due to insufficient input sanitization and output esca... |
| 7.2 | 2024-12-21 | CVE-2024-12721 | cve | The Custom Product Tabs For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.2.4 via deserialization of untrusted i... |
| 8.8 | 2024-12-21 | CVE-2024-12771 | cve | The eCommerce Product Catalog Plugin for WordPress plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.3.43. This is due to ... |
| 4.3 | 2024-12-21 | CVE-2024-10797 | cve | The Full Screen Menu for Elementor plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.0.7 via the Full Screen Menu Elementor Wid... |
| 6.1 | 2024-12-21 | CVE-2024-11808 | cve | The Pingmeter Uptime Monitoring plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the '_wpnonce' parameter in all versions up to, and including,... |
| 5.4 | 2024-12-21 | CVE-2024-12588 | cve | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Staff widget in all versions up to, and... |
| 5.4 | 2024-12-21 | CVE-2024-9545 | cve | The Shortcodes and extra features for Phlox theme plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aux_contact_box and aux_gmaps shortcode... |
| 5.4 | 2024-12-21 | CVE-2024-10453 | cve | The Elementor Website Builder – More than Just a Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Typography Settings in all ... |
| 6.1 | 2024-12-21 | CVE-2024-11688 | cve | The LaTeX2HTML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ver' or 'date' parameter in all versions up to, and including, 2... |
| N/A | 2024-12-21 | CVE-2024-11722 | cve | The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter in all versions up to, and including, 3.25.1 due to in... |
| 6.1 | 2024-12-21 | CVE-2024-12408 | cve | The WP on AWS plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_POST data in all versions up to, and including, 5.2.1 due to insufficient input sanitiza... |
| Page(s) : 1 ... 1430 1431 1432 1433 1434 1435 1436 1437 1438 1439 [1440] 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 ... | Result(s) : 328771 |
