| Page(s) : 1 ... 246 247 248 249 250 251 252 253 254 255 [256] 257 258 259 260 261 262 263 264 265 266 ... | Result(s) : 324592 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-05-15 | CVE-2024-6335 | cve | The Tracking Code Manager WordPress plugin before 2.3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored... |
| N/A | 2025-05-15 | CVE-2024-6462 | cve | The DL Yandex Metrika WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cros... |
| N/A | 2025-05-15 | CVE-2024-6478 | cve | The CTT Expresso para WooCommerce WordPress plugin before 3.2.13 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perfo... |
| N/A | 2025-05-15 | CVE-2024-6486 | cve | The ImageMagick Engine ImageMagick Engine WordPress plugin before 1.7.11 for WordPress is vulnerable to OS Command Injection via the "cli_path" parameter. This allows authentica... |
| N/A | 2025-05-15 | CVE-2024-6668 | cve | The ProfilePro WordPress plugin through 1.3 does not sanitise and escape some parameters and lacks proper access controls, which could allow users with a role as low as subscrib... |
| N/A | 2025-05-15 | CVE-2024-6690 | cve | The wccp-pro WordPress plugin before 15.3 contains an open-redirect flaw via the referrer parameter, allowing redirection of users to external sites |
| N/A | 2025-05-15 | CVE-2024-6693 | cve | The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Sc... |
| N/A | 2025-05-15 | CVE-2024-6708 | cve | The User Profile Builder WordPress plugin before 3.12.2 does not sanitise and escape some parameters before outputting its content on the admin area, which allows Admin+ users ... |
| N/A | 2025-05-15 | CVE-2024-6712 | cve | The MapFig Studio WordPress plugin through 0.2.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make lo... |
| N/A | 2025-05-15 | CVE-2024-6713 | cve | The PVN Auth Popup WordPress plugin through 1.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross... |
| 5.4 | 2025-05-15 | CVE-2024-6718 | cve | The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is... |
| N/A | 2025-05-15 | CVE-2024-6719 | cve | The Offload Videos WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow low privilege users to update them via a CSRF a... |
| N/A | 2025-05-15 | CVE-2024-6797 | cve | The DL Robots.txt WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Si... |
| N/A | 2025-05-15 | CVE-2024-8032 | cve | The Smooth Gallery Replacement WordPress plugin through 1.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers... |
| N/A | 2025-05-15 | CVE-2024-8050 | cve | The Custom Author Base WordPress plugin through 1.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change ... |
| N/A | 2025-05-15 | CVE-2024-8082 | cve | The Widgets Reset WordPress plugin through 0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them vi... |
| N/A | 2025-05-15 | CVE-2024-8085 | cve | The PeoplePond WordPress plugin through 1.1.9 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logge... |
| 6.1 | 2025-05-15 | CVE-2024-8090 | cve | The JavaScript Logic WordPress plugin through 0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make l... |
| 6.5 | 2025-05-15 | CVE-2024-8094 | cve | The Ntz Antispam WordPress plugin through 2.0e does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them vi... |
| 6.1 | 2025-05-15 | CVE-2024-8095 | cve | The BabelZ WordPress plugin through 1.1.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged i... |
| Page(s) : 1 ... 246 247 248 249 250 251 252 253 254 255 [256] 257 258 259 260 261 262 263 264 265 266 ... | Result(s) : 324592 |
