| Page(s) : 1 ... 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 [1590] 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 ... | Result(s) : 329663 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.8 | 2024-12-06 | CVE-2024-11323 | cve | The AI Quiz | Quiz Maker plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the a... |
| 6.1 | 2024-12-06 | CVE-2024-11336 | cve | The Clickbank WordPress Plugin (Storefront) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7. This is due to missing or... |
| 6.4 | 2024-12-06 | CVE-2024-11339 | cve | The Smart PopUp Blaster plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'spb-button' shortcode in all versions up to, and incl... |
| 6.4 | 2024-12-06 | CVE-2024-11352 | cve | The TwentyTwenty plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'twentytwenty' shortcode in all versions up to, and including,... |
| 6.1 | 2024-12-06 | CVE-2024-11368 | cve | The Splash Sync plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up t... |
| 4.3 | 2024-12-06 | CVE-2024-11444 | cve | The CLUEVO LMS, E-Learning Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.13.2. This is due to missing or inco... |
| 6.4 | 2024-12-06 | CVE-2024-11450 | cve | The ONLYOFFICE Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'onlyoffice' shortcode in all versions up to, and including... |
| 6.1 | 2024-12-06 | CVE-2024-11687 | cve | The Next-Cart Store to WooCommerce Migration plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and i... |
| 6.1 | 2024-12-06 | CVE-2024-11823 | cve | The Folder Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'foldergallery' shortcode in all versions up to, and includi... |
| 6.1 | 2024-12-06 | CVE-2024-12003 | cve | The WP System plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.1. This is due to missing or incorrect nonce validation ... |
| 4.3 | 2024-12-06 | CVE-2024-12027 | cve | The Message Filter for Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the updateFilter() and deleteF... |
| 5.3 | 2024-12-06 | CVE-2024-12028 | cve | The Friends plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several REST API endpoints in all versions up to, and including, 3.2.1... |
| 6.1 | 2024-12-06 | CVE-2024-12060 | cve | The WP Media Optimizer (.webp) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘wpmowebp-css-resources’ and 'wpmowebp-js-resources' parame... |
| 4.3 | 2024-12-06 | CVE-2024-12110 | cve | The Gold Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the activate() and deactivate() functi... |
| 9.8 | 2024-12-06 | CVE-2024-12155 | cve | The SV100 Companion plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the settin... |
| 4.3 | 2024-12-06 | CVE-2024-9705 | cve | The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ucsm_update_templat... |
| N/A | 2024-12-06 | CVE-2024-9706 | cve | The Ultimate Coming Soon & Maintenance plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ucsm_activate_lite_templa... |
| 5.4 | 2024-12-06 | CVE-2024-9866 | cve | The Event Tickets with Ticket Scanner plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'data' parameters in all versions up to, and including,... |
| 5.4 | 2024-12-06 | CVE-2024-9872 | cve | The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ... |
| 6.3 | 2024-12-06 | CVE-2024-10681 | cve | The The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to arbitrary shortcode execution in all v... |
| Page(s) : 1 ... 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 [1590] 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 ... | Result(s) : 329663 |
