| Page(s) : 1 ... 236 237 238 239 240 241 242 243 244 245 [246] 247 248 249 250 251 252 253 254 255 256 ... | Result(s) : 298990 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-05-15 | CVE-2024-10677 | cve | The BTEV WordPress plugin through 2.0.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSR... |
| N/A | 2025-05-15 | CVE-2024-10818 | cve | The JSFiddle Shortcode WordPress plugin before 1.1.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode... |
| N/A | 2025-05-15 | CVE-2024-11109 | cve | The WP Google Review Slider WordPress plugin before 15.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Store... |
| N/A | 2025-05-15 | CVE-2024-11140 | cve | The Real WP Shop Lite Ajax eCommerce Shopping Cart WordPress plugin through 2.0.8 does not sanitise and escape some of its settings, which could allow high privilege users such ... |
| N/A | 2025-05-15 | CVE-2024-11141 | cve | The Sailthru Triggermail WordPress plugin through 1.1 does not sanitise and escape some of its settings and is missing CSRF protection which could allow subscribers to perform S... |
| N/A | 2025-05-15 | CVE-2024-11189 | cve | The Social Share And Social Locker WordPress plugin before 1.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perf... |
| N/A | 2025-05-15 | CVE-2024-11190 | cve | The jwp-a11y WordPress plugin through 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site ... |
| N/A | 2025-05-15 | CVE-2024-11221 | cve | The Full Screen (Page) Background Image Slideshow WordPress plugin through 1.1 does not sanitise and escape some of its settings, which could allow high privilege users such as ... |
| N/A | 2025-05-15 | CVE-2024-11266 | cve | The Geocache Stat Bar Widget WordPress plugin through 0.911 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform St... |
| N/A | 2025-05-15 | CVE-2024-11267 | cve | The JSP Store Locator WordPress plugin through 1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing user with Contributor to perform SQL inj... |
| N/A | 2025-05-15 | CVE-2024-11269 | cve | The AHAthat Plugin WordPress plugin through 1.6 does not sanitize and escape a parameter before using it in a SQL statement, allowing Admin to perform SQL injection attacks. |
| N/A | 2025-05-15 | CVE-2024-11372 | cve | The Connexion Logs WordPress plugin through 3.0.2 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks |
| N/A | 2025-05-15 | CVE-2024-11373 | cve | The Connexion Logs WordPress plugin through 3.0.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them... |
| N/A | 2025-05-15 | CVE-2024-11502 | cve | The Planning Center Online Giving WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where t... |
| N/A | 2025-05-15 | CVE-2024-11718 | cve | The tarteaucitron-wp WordPress plugin before 0.3.0 allows author level and above users to add HTML into a post/page, which could allow users with the contributor role and above ... |
| N/A | 2025-05-15 | CVE-2024-11719 | cve | The tarteaucitron-wp WordPress plugin before 0.3.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make ... |
| N/A | 2025-05-15 | CVE-2024-11843 | cve | The Panorama WordPress plugin through 1.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site... |
| N/A | 2025-05-15 | CVE-2024-12282 | cve | The WordPress???? WordPress plugin through 2.5.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make lo... |
| N/A | 2025-05-15 | CVE-2024-12301 | cve | The JSP Store Locator WordPress plugin through 1.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSR... |
| N/A | 2025-05-15 | CVE-2024-12679 | cve | The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Si... |
| Page(s) : 1 ... 236 237 238 239 240 241 242 243 244 245 [246] 247 248 249 250 251 252 253 254 255 256 ... | Result(s) : 298990 |
