| Page(s) : 1 ... 236 237 238 239 240 241 242 243 244 245 [246] 247 248 249 250 251 252 253 254 255 256 ... | Result(s) : 324546 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-05-15 | CVE-2024-8493 | cve | The Events Calendar WordPress plugin before 6.6.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross... |
| N/A | 2025-05-15 | CVE-2024-8492 | cve | The Hustle WordPress plugin through 7.8.5 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Script... |
| N/A | 2025-05-15 | CVE-2024-8426 | cve | The Page Builder: Pagelayer WordPress plugin before 1.8.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cro... |
| N/A | 2025-05-15 | CVE-2024-8398 | cve | The Simple Nav Archives WordPress plugin through 2.1.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change... |
| N/A | 2025-05-15 | CVE-2024-8397 | cve | The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 does not properly sanitize and escape the IP headers when logging them, allowing visitors to conduct Stored Cross... |
| N/A | 2025-05-15 | CVE-2024-8286 | cve | The webtoffee-gdpr-cookie-consent WordPress plugin before 2.6.1 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwa... |
| N/A | 2025-05-15 | CVE-2024-8284 | cve | The Download Manager WordPress plugin before 3.2.99 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Si... |
| N/A | 2025-05-15 | CVE-2024-8245 | cve | The GamiPress WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via ... |
| N/A | 2025-05-15 | CVE-2024-8031 | cve | The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, wi... |
| N/A | 2025-05-15 | CVE-2024-8009 | cve | The Sensei LMS WordPress plugin before 4.20.0 disclose all users of the blog including their email address to teachers on the students page |
| N/A | 2025-05-15 | CVE-2024-7984 | cve | The Joy Of Text Lite WordPress plugin through 2.3.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change t... |
| N/A | 2025-05-15 | CVE-2024-7769 | cve | The ClickSold IDX WordPress plugin through 1.90 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-S... |
| N/A | 2025-05-15 | CVE-2024-7762 | cve | The Simple Job Board WordPress plugin before 2.12.6 does not prevent uploaded files from being listed, allowing unauthenticated users to access and download uploaded resumes |
| N/A | 2025-05-15 | CVE-2024-7761 | cve | In the process of testing the Simple Job Board WordPress plugin before 2.12.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embed... |
| N/A | 2025-05-15 | CVE-2024-7759 | cve | The PWA for WP WordPress plugin before 1.7.72 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Si... |
| N/A | 2025-05-15 | CVE-2024-7758 | cve | The Stylish Price List WordPress plugin before 7.1.8 does not sanitise and escape some of its settings, which could allow high privilege users of contributor and above to perfo... |
| N/A | 2025-05-15 | CVE-2024-7556 | cve | The Simple Share WordPress plugin through 0.5.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-S... |
| N/A | 2025-05-15 | CVE-2024-6809 | cve | The Simple Video Directory WordPress plugin before 1.4.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to una... |
| N/A | 2025-05-15 | CVE-2024-6798 | cve | The DL Verification WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-... |
| N/A | 2025-05-15 | CVE-2024-6711 | cve | The Event Tickets with Ticket Scanner WordPress plugin before 2.3.8 does not sanitise and escape some parameters, which could allow users with a role as low as admin to perform ... |
| Page(s) : 1 ... 236 237 238 239 240 241 242 243 244 245 [246] 247 248 249 250 251 252 253 254 255 256 ... | Result(s) : 324546 |
