| Page(s) : 1 ... 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 [1528] 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 ... | Result(s) : 329454 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.1 | 2024-12-12 | CVE-2024-11052 | cve | The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the calculations parameter in all versions u... |
| 6.1 | 2024-12-12 | CVE-2024-11359 | cve | The Library Bookshelves plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versi... |
| 6.4 | 2024-12-12 | CVE-2024-11757 | cve | The WP GeoNames plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp-geonames' shortcode in all versions up to, and including, 1... |
| 6.4 | 2024-12-12 | CVE-2024-11765 | cve | The WordPress Portfolio Plugin – A Plugin for Making Filterable Portfolio Grid, Portfolio Slider and more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via t... |
| 6.4 | 2024-12-12 | CVE-2024-11766 | cve | The WordPress Book Plugin for Displaying Books in Grid, Flip, Slider, Popup Layout and more plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin'... |
| 6.4 | 2024-12-12 | CVE-2024-11781 | cve | The Smart Agenda – Prise de rendez-vous en ligne plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'smartagenda' shortcode in all... |
| 6.4 | 2024-12-12 | CVE-2024-11785 | cve | The Integrate Firebase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'firebase_show' shortcode in all versions up to, and inc... |
| 6.4 | 2024-12-12 | CVE-2024-11871 | cve | The Social Media Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'patreon' shortcode in all versions up to, and incl... |
| 6.4 | 2024-12-12 | CVE-2024-11882 | cve | The FAQ And Answers – Create Frequently Asked Questions Area on WP Sites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'faq' ... |
| 4.3 | 2024-12-12 | CVE-2024-12018 | cve | The Snippet Shortcodes plugin for WordPress is vulnerable to unauthorized Shortcode Deletion due to missing authorization in all versions up to, and including, 4.1.6. Note that ... |
| 8.8 | 2024-12-12 | CVE-2024-12040 | cve | The Product Carousel Slider & Grid Ultimate for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.9.10 via the '... |
| 4.3 | 2024-12-12 | CVE-2024-12059 | cve | The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.1 via the eli_option_value... |
| 6.1 | 2024-12-12 | CVE-2024-12072 | cve | The Analytics Cat – Google Analytics Made Easy plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping ... |
| 7.5 | 2024-12-12 | CVE-2024-12172 | cve | The WP Courses LMS – Online Courses Builder, eLearning Courses, Courses Solution, Education Courses plugin for WordPress is vulnerable to unauthorized access due to a missing ca... |
| N/A | 2024-12-12 | CVE-2024-12255 | cve | The Accept Stripe Payments Using Contact Form 7 plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.5 via the cf7sa-info.php file ... |
| 4.3 | 2024-12-12 | CVE-2024-12263 | cve | The Child Theme Creator by Orbisius plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the cloud_delete() and cloud_upd... |
| 5.3 | 2024-12-12 | CVE-2024-12265 | cve | The Web3 Crypto Payments by DePay for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the /wp-json/depay/wc/de... |
| N/A | 2024-12-12 | CVE-2024-9428 | cve | The Popup Builder WordPress plugin before 4.3.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-... |
| N/A | 2024-12-12 | CVE-2024-9641 | cve | The LuckyWP Table of Contents WordPress plugin before 2.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform St... |
| N/A | 2024-12-12 | CVE-2024-9881 | cve | The LearnPress WordPress plugin before 4.2.7.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-S... |
| Page(s) : 1 ... 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 [1528] 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 ... | Result(s) : 329454 |
