| Page(s) : 1 ... 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 [1541] 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 ... | Result(s) : 329471 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.8 | 2024-12-12 | CVE-2024-11689 | cve | The HQ Rental Software plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.29. This is due to missing or incorrect nonce v... |
| 6.4 | 2024-12-12 | CVE-2024-11901 | cve | The PowerBI Embed Reports plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'MO_API_POWER_BI' shortcode in all versions up to, an... |
| 6.4 | 2024-12-12 | CVE-2024-11914 | cve | The Gutenberg Blocks and Page Layouts – Attire Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'attire-blocks/post-carousel' block in ... |
| 6.1 | 2024-12-12 | CVE-2024-12258 | cve | The WP Service Payment Form With Authorize.net plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and... |
| 6.1 | 2024-12-12 | CVE-2024-12260 | cve | The Ultimate Endpoints With Rest Api plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including... |
| 6.1 | 2024-12-12 | CVE-2024-12338 | cve | The Website Toolbox Community plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘websitetoolbox_username’ parameter in all versions up to, and includi... |
| 4.3 | 2024-12-12 | CVE-2024-12341 | cve | The Custom Skins Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'cf7cs_action_callback'... |
| 6.4 | 2024-12-12 | CVE-2024-12461 | cve | The WP-Revive Adserver plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wprevive_async' shortcode in all versions up to, and in... |
| 6.4 | 2024-12-12 | CVE-2024-10182 | cve | The Cognito Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in all versions up to, and including, 2.0.6 due to insuffici... |
| 8.8 | 2024-12-12 | CVE-2024-10590 | cve | The Opt-In Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the admin_upload() function in all versions up to, and i... |
| 7.3 | 2024-12-12 | CVE-2024-10910 | cve | The The Grid Plus – Unlimited grid layout plugin for WordPress is vulnerable to arbitrary shortcode execution via grid_plus_load_by_category AJAX action in all versions up to, a... |
| 5.4 | 2024-12-12 | CVE-2024-11384 | cve | The Arena.IM – Live Blogging for real-time events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'arenablog' shortcode in all ... |
| 6.4 | 2024-12-12 | CVE-2024-11410 | cve | The Top and footer bars for announcements, notifications, advertisements, promotions – YooBar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Yoo Bar s... |
| 6.1 | 2024-12-12 | CVE-2024-11459 | cve | The Country Blocker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ip' parameter in all versions up to, and including, 3.2 due to insuff... |
| 4.3 | 2024-12-12 | CVE-2024-11709 | cve | The AI Post Generator | AutoWriter plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ai_post_generator_delete_Post... |
| 6.1 | 2024-12-12 | CVE-2024-11723 | cve | The kvCORE IDX plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via any parameter on pages with the kvcoreidx_listings_sitemap_ranges, kvcoreidx_listings_sit... |
| 6.4 | 2024-12-12 | CVE-2024-11750 | cve | The ONLYOFFICE DocSpace plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'onlyoffice-docspace' shortcode in all versions up to, ... |
| 6.1 | 2024-12-12 | CVE-2024-11804 | cve | The Planaday API plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 11.4 due to insuffi... |
| 6.4 | 2024-12-12 | CVE-2024-11875 | cve | The Add infos to the events calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fuss' shortcode in all versions up to, an... |
| 6.4 | 2024-12-12 | CVE-2024-11891 | cve | The Perfect Font Awesome Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'pfai' shortcode in all versions up to, an... |
| Page(s) : 1 ... 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 [1541] 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 ... | Result(s) : 329471 |
