| Page(s) : 1 ... 231 232 233 234 235 236 237 238 239 240 [241] 242 243 244 245 246 247 248 249 250 251 ... | Result(s) : 298984 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-05-15 | CVE-2024-8759 | cve | The Nested Pages WordPress plugin before 3.2.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Si... |
| N/A | 2025-05-15 | CVE-2024-8703 | cve | The Z-Downloads WordPress plugin before 1.11.6 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated visitors to perfo... |
| N/A | 2025-05-15 | CVE-2024-8702 | cve | The Backup Database WordPress plugin through 4.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-... |
| N/A | 2025-05-15 | CVE-2024-8617 | cve | The Quiz Maker WordPress plugin before 6.5.9.9 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Si... |
| N/A | 2025-05-15 | CVE-2024-8542 | cve | The Everest Forms WordPress plugin before 3.0.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cros... |
| N/A | 2025-05-15 | CVE-2024-8493 | cve | The Events Calendar WordPress plugin before 6.6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross... |
| N/A | 2025-05-15 | CVE-2024-8492 | cve | The Hustle WordPress plugin through 7.8.5 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Script... |
| N/A | 2025-05-15 | CVE-2024-8426 | cve | The Page Builder: Pagelayer WordPress plugin before 1.8.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cro... |
| N/A | 2025-05-15 | CVE-2024-8398 | cve | The Simple Nav Archives WordPress plugin through 2.1.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change... |
| N/A | 2025-05-15 | CVE-2024-8397 | cve | The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 does not properly sanitize and escape the IP headers when logging them, allowing visitors to conduct Stored Cross... |
| N/A | 2025-05-15 | CVE-2024-8286 | cve | The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwa... |
| N/A | 2025-05-15 | CVE-2024-8284 | cve | The Download Manager WordPress plugin before 3.2.99 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Si... |
| N/A | 2025-05-15 | CVE-2024-8245 | cve | The GamiPress WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via ... |
| N/A | 2025-05-15 | CVE-2024-8031 | cve | The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, wi... |
| N/A | 2025-05-15 | CVE-2024-8009 | cve | The Sensei LMS WordPress plugin before 4.20.0 disclose all users of the blog including their email address to teachers on the students page |
| N/A | 2025-05-15 | CVE-2024-7984 | cve | The Joy Of Text Lite WordPress plugin through 2.3.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change t... |
| N/A | 2025-05-15 | CVE-2024-7769 | cve | The ClickSold IDX WordPress plugin through 1.90 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-S... |
| N/A | 2025-05-15 | CVE-2024-7762 | cve | The Simple Job Board WordPress plugin before 2.12.6 does not prevent uploaded files from being listed, allowing unauthenticated users to access and download uploaded resumes |
| N/A | 2025-05-15 | CVE-2024-7761 | cve | In the process of testing the Simple Job Board WordPress plugin before 2.12.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embed... |
| N/A | 2025-05-15 | CVE-2024-7759 | cve | The PWA for WP WordPress plugin before 1.7.72 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Si... |
| Page(s) : 1 ... 231 232 233 234 235 236 237 238 239 240 [241] 242 243 244 245 246 247 248 249 250 251 ... | Result(s) : 298984 |
