Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 246 247 248 249 250 251 252 253 254 255 [256] 257 258 259 260 261 262 263 264 265 266 ... Result(s) : 324592

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
N/A 2025-05-15 CVE-2024-6335 cve The Tracking Code Manager WordPress plugin before 2.3.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored...
N/A 2025-05-15 CVE-2024-6462 cve The DL Yandex Metrika WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cros...
N/A 2025-05-15 CVE-2024-6478 cve The CTT Expresso para WooCommerce WordPress plugin before 3.2.13 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perfo...
N/A 2025-05-15 CVE-2024-6486 cve The ImageMagick Engine ImageMagick Engine WordPress plugin before 1.7.11 for WordPress is vulnerable to OS Command Injection via the "cli_path" parameter. This allows authentica...
N/A 2025-05-15 CVE-2024-6668 cve The ProfilePro WordPress plugin through 1.3 does not sanitise and escape some parameters and lacks proper access controls, which could allow users with a role as low as subscrib...
N/A 2025-05-15 CVE-2024-6690 cve The wccp-pro WordPress plugin before 15.3 contains an open-redirect flaw via the referrer parameter, allowing redirection of users to external sites
N/A 2025-05-15 CVE-2024-6693 cve The wccp-pro WordPress plugin before 15.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Sc...
N/A 2025-05-15 CVE-2024-6708 cve The User Profile Builder WordPress plugin before 3.12.2 does not sanitise and escape some parameters before outputting its content on the admin area, which allows Admin+ users ...
N/A 2025-05-15 CVE-2024-6712 cve The MapFig Studio WordPress plugin through 0.2.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make lo...
N/A 2025-05-15 CVE-2024-6713 cve The PVN Auth Popup WordPress plugin through 1.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross...
5.4 2025-05-15 CVE-2024-6718 cve The PVN Auth Popup WordPress plugin through 1.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is...
N/A 2025-05-15 CVE-2024-6719 cve The Offload Videos WordPress plugin before 1.0.1 does not have CSRF check in place when updating its settings, which could allow low privilege users to update them via a CSRF a...
N/A 2025-05-15 CVE-2024-6797 cve The DL Robots.txt WordPress plugin through 1.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Si...
N/A 2025-05-15 CVE-2024-8032 cve The Smooth Gallery Replacement WordPress plugin through 1.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers...
N/A 2025-05-15 CVE-2024-8050 cve The Custom Author Base WordPress plugin through 1.1.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change ...
N/A 2025-05-15 CVE-2024-8082 cve The Widgets Reset WordPress plugin through 0.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them vi...
N/A 2025-05-15 CVE-2024-8085 cve The PeoplePond WordPress plugin through 1.1.9 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logge...
6.1 2025-05-15 CVE-2024-8090 cve The JavaScript Logic WordPress plugin through 0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make l...
6.5 2025-05-15 CVE-2024-8094 cve The Ntz Antispam WordPress plugin through 2.0e does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them vi...
6.1 2025-05-15 CVE-2024-8095 cve The BabelZ WordPress plugin through 1.1.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged i...
Page(s) : 1 ... 246 247 248 249 250 251 252 253 254 255 [256] 257 258 259 260 261 262 263 264 265 266 ... Result(s) : 324592