| Page(s) : 1 ... 240 241 242 243 244 245 246 247 248 249 [250] 251 252 253 254 255 256 257 258 259 260 ... | Result(s) : 298990 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-05-15 | CVE-2024-8082 | cve | The Widgets Reset WordPress plugin through 0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them vi... |
| N/A | 2025-05-15 | CVE-2024-8085 | cve | The PeoplePond WordPress plugin through 1.1.9 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logge... |
| 6.1 | 2025-05-15 | CVE-2024-8090 | cve | The JavaScript Logic WordPress plugin through 0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make l... |
| 6.5 | 2025-05-15 | CVE-2024-8094 | cve | The Ntz Antispam WordPress plugin through 2.0e does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them vi... |
| 6.1 | 2025-05-15 | CVE-2024-8095 | cve | The BabelZ WordPress plugin through 1.1.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged i... |
| 4.8 | 2025-05-15 | CVE-2024-8187 | cve | The Smart Post Show WordPress plugin before 3.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cros... |
| N/A | 2025-05-15 | CVE-2024-8618 | cve | The Page Builder: Pagelayer WordPress plugin before 1.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Sto... |
| N/A | 2025-05-15 | CVE-2024-8619 | cve | The Ajax Search Lite WordPress plugin before 4.12.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cr... |
| N/A | 2025-05-15 | CVE-2024-8620 | cve | The MapPress Maps for WordPress plugin before 2.93 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cros... |
| N/A | 2025-05-15 | CVE-2024-8670 | cve | The Photo Gallery by 10Web WordPress plugin before 1.8.29 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Sto... |
| N/A | 2025-05-15 | CVE-2024-8673 | cve | The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing malicious JavaScript. |
| N/A | 2025-05-15 | CVE-2024-8699 | cve | The Z-Downloads WordPress plugin before 1.11.5 does not properly validate files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server eve... |
| N/A | 2025-05-15 | CVE-2024-8700 | cve | The Event Calendar WordPress plugin through 1.0.4 does not check for authorization on delete actions, allowing unauthenticated users to delete arbitrary calendars. |
| N/A | 2025-05-15 | CVE-2024-8701 | cve | The events-calendar WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cros... |
| N/A | 2025-05-15 | CVE-2025-0329 | cve | The AI ChatBot for WordPress WordPress plugin before 6.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform St... |
| N/A | 2025-05-15 | CVE-2025-0687 | cve | The Spiritual Gifts Survey (and optional S.H.A.P.E survey) WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leadin... |
| N/A | 2025-05-15 | CVE-2025-0688 | cve | The Spiritual Gifts Survey (and optional S.H.A.P.E survey) WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leadin... |
| N/A | 2025-05-15 | CVE-2025-1033 | cve | The Badgearoo WordPress plugin through 1.0.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Sit... |
| N/A | 2025-05-15 | CVE-2025-1286 | cve | The Download HTML TinyMCE Button WordPress plugin through 1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site S... |
| N/A | 2025-05-15 | CVE-2025-1288 | cve | The WOOEXIM WordPress plugin through 5.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make an unau... |
| Page(s) : 1 ... 240 241 242 243 244 245 246 247 248 249 [250] 251 252 253 254 255 256 257 258 259 260 ... | Result(s) : 298990 |
