| Page(s) : 1 ... 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 [1527] 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 ... | Result(s) : 329442 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2024-12-12 | CVE-2024-50584 | cve | An authenticated attacker with the user/role "Poweruser" can perform an SQL injection by accessing the /class/template_io.php file and supplying malicious GET parameters. The "t... |
| N/A | 2024-12-12 | CVE-2024-10010 | cve | The LearnPress WordPress plugin before 4.2.7.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-S... |
| 9.8 | 2024-12-12 | CVE-2024-10124 | cve | The Vayu Blocks – Gutenberg Blocks for WordPress & WooCommerce plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation due to a missing c... |
| N/A | 2024-12-12 | CVE-2024-10499 | cve | The AI Engine WordPress plugin before 2.6.5 does not sanitize and escape a parameter from one of its RESP API endpoint before using it in a SQL statement, allowing admins to per... |
| N/A | 2024-12-12 | CVE-2024-10517 | cve | The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of ... |
| N/A | 2024-12-12 | CVE-2024-10518 | cve | The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.15 does not sanitise and escape some of ... |
| N/A | 2024-12-12 | CVE-2024-10568 | cve | The Ajax Search Lite WordPress plugin before 4.12.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cr... |
| N/A | 2024-12-12 | CVE-2024-10637 | cve | The Gutenberg Blocks with AI by Kadence WP WordPress plugin before 3.2.54 does not validate and escape some of its block options before outputting them back in a page/post wher... |
| 6.1 | 2024-12-12 | CVE-2024-11052 | cve | The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the calculations parameter in all versions u... |
| 6.1 | 2024-12-12 | CVE-2024-11359 | cve | The Library Bookshelves plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versi... |
| 6.4 | 2024-12-12 | CVE-2024-11757 | cve | The WP GeoNames plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp-geonames' shortcode in all versions up to, and including, 1... |
| 6.4 | 2024-12-12 | CVE-2024-11765 | cve | The WordPress Portfolio Plugin – A Plugin for Making Filterable Portfolio Grid, Portfolio Slider and more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via t... |
| 6.4 | 2024-12-12 | CVE-2024-11766 | cve | The WordPress Book Plugin for Displaying Books in Grid, Flip, Slider, Popup Layout and more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin'... |
| 6.4 | 2024-12-12 | CVE-2024-11781 | cve | The Smart Agenda – Prise de rendez-vous en ligne plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'smartagenda' shortcode in all... |
| 6.4 | 2024-12-12 | CVE-2024-11785 | cve | The Integrate Firebase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'firebase_show' shortcode in all versions up to, and inc... |
| 6.4 | 2024-12-12 | CVE-2024-11871 | cve | The Social Media Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'patreon' shortcode in all versions up to, and incl... |
| 6.4 | 2024-12-12 | CVE-2024-11882 | cve | The FAQ And Answers – Create Frequently Asked Questions Area on WP Sites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'faq' ... |
| 4.3 | 2024-12-12 | CVE-2024-12018 | cve | The Snippet Shortcodes plugin for WordPress is vulnerable to unauthorized Shortcode Deletion due to missing authorization in all versions up to, and including, 4.1.6. Note that ... |
| 8.8 | 2024-12-12 | CVE-2024-12040 | cve | The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.10 via the '... |
| 4.3 | 2024-12-12 | CVE-2024-12059 | cve | The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.1 via the eli_option_value... |
| Page(s) : 1 ... 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 [1527] 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 ... | Result(s) : 329442 |
