| Page(s) : 1 ... 922 923 924 925 926 927 928 929 930 931 [932] 933 934 935 936 937 938 939 940 941 942 ... | Result(s) : 300506 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-20 | CVE-2025-1039 | cve | The Lenix Elementor Leads addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a URL form field in all versions up to, and including, 1.8.2 due to insuffi... |
| N/A | 2025-02-20 | CVE-2025-26856 | cve | Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in UD-LT2 firmware Ver.1.00.008_SE and earlier. If an attacker ... |
| 5.4 | 2025-02-20 | CVE-2024-13155 | cve | The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Transparent Split Hero widget in all versions up to,... |
| 6.1 | 2025-02-20 | CVE-2024-13888 | cve | The WPMobile.App plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 11.56. This is due to insufficient validation on the redirect URL supp... |
| 5.4 | 2025-02-20 | CVE-2025-0897 | cve | The Modal Window – create popup modal window plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'iframeBox' shortcode in all versi... |
| 5.4 | 2025-02-20 | CVE-2025-1064 | cve | The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's xoo_el_action shortcode in all versi... |
| 7.5 | 2025-02-20 | CVE-2024-13476 | cve | The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to SQL Injection via the 'engtz_wd_save_dropship' AJAX endpoint in all versions up to, ... |
| 5.3 | 2025-02-20 | CVE-2024-13520 | cve | The Gift Cards (Gift Vouchers and Packages) (WooCommerce Supported) plugin for WordPress is vulnerable to unauthorized modification of data|loss of data due to a missing capabil... |
| 4.8 | 2025-02-20 | CVE-2024-13748 | cve | The Ultimate Classified Listings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Title parameter in all versions up to, and including, 1.4 due to insuf... |
| 8.8 | 2025-02-20 | CVE-2024-13753 | cve | The Ultimate Classified Listings plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect ... |
| 9.8 | 2025-02-20 | CVE-2024-13789 | cve | The ravpage plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.31 via deserialization of untrusted input from the 'paramsv2&... |
| 9.8 | 2025-02-20 | CVE-2024-13792 | cve | The WooCommerce Food - Restaurant Menu & Food ordering plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.2. This is d... |
| 5.4 | 2025-02-20 | CVE-2024-13802 | cve | The Bandsintown Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bandsintown_events' shortcode in all versions up to, an... |
| 4.8 | 2025-02-20 | CVE-2024-13849 | cve | The Cookie Notice Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.3.0 due to insufficient input sanitization and ou... |
| 4.3 | 2025-02-20 | CVE-2024-13855 | cve | The Prime Addons for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.1 via the pae_global_block shortc... |
| 5.4 | 2025-02-20 | CVE-2024-6432 | cve | The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘content’ parameter within the plugin's shortcode Content ... |
| 6.5 | 2025-02-20 | CVE-2025-0866 | cve | The Legoeso PDF Manager plugin for WordPress is vulnerable to time-based SQL Injection via the ‘checkedVals’ parameter in all versions up to, and including, 1.2.2 due to insuffi... |
| 5.4 | 2025-02-20 | CVE-2025-1328 | cve | The Typed JS: A typewriter style animation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘typespeed’ parameter in all versions up to, and including, ... |
| 5.3 | 2025-02-20 | CVE-2025-1483 | cve | The LTL Freight Quotes – GlobalTranz Edition plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the engtz_wd_save_drops... |
| N/A | 2025-02-20 | CVE-2025-1222 | cve | An attacker can gain application privileges in order to perform limited modification and/or read arbitrary data in Citrix Secure Access Client for Mac |
| Page(s) : 1 ... 922 923 924 925 926 927 928 929 930 931 [932] 933 934 935 936 937 938 939 940 941 942 ... | Result(s) : 300506 |
