| Page(s) : 1 ... 963 964 965 966 967 968 969 970 971 972 [973] 974 975 976 977 978 979 980 981 982 983 ... | Result(s) : 326662 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.8 | 2025-02-19 | CVE-2024-13592 | cve | The Team Builder For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the... |
| 6.4 | 2025-02-19 | CVE-2024-13657 | cve | The Store Locator Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'storelocatorwidget' shortcode in all versions up to, ... |
| 6.4 | 2025-02-19 | CVE-2024-13660 | cve | The Responsive Flickr Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fshow' shortcode in all versions up to, and in... |
| 6.4 | 2025-02-19 | CVE-2024-13663 | cve | The Coaching Staffs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mstw-cs-table' shortcode in all versions up to, and includ... |
| 6.4 | 2025-02-19 | CVE-2024-13674 | cve | The Cosmic Blocks (40+) Content Editor Blocks Collection plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cwp_social_share' sho... |
| 6.5 | 2025-02-19 | CVE-2024-13676 | cve | The Categorized Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' attribute of the 'image_gallery' shortcode in all versions... |
| 5.4 | 2025-02-19 | CVE-2024-13679 | cve | The Widget BUY.BOX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'buybox-widget' shortcode in all versions up to, and includi... |
| 6.1 | 2025-02-19 | CVE-2024-13711 | cve | The Pollin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'question' parameter in all versions up to, and including, 1.01.1 due to insuff... |
| 4.9 | 2025-02-19 | CVE-2024-13712 | cve | The Pollin plugin for WordPress is vulnerable to SQL Injection via the 'question' parameter in all versions up to, and including, 1.01.1 due to insufficient escaping o... |
| 5.3 | 2025-02-19 | CVE-2024-13719 | cve | The PeproDev Ultimate Invoice plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.8 via the invoicing viewer due to ... |
| 6.1 | 2025-02-19 | CVE-2024-13736 | cve | The Pure Chat – Live Chat & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘purechatWidgetName’ parameter in all versions up to, and including, ... |
| 4.3 | 2025-02-19 | CVE-2024-13854 | cve | The Education Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.1 via the naedu_elementor_temp... |
| 6.5 | 2025-02-19 | CVE-2025-0865 | cve | The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. This is due to missing or incorrect nonce validation ... |
| 5.3 | 2025-02-19 | CVE-2024-13231 | cve | The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'add_vi... |
| 4.3 | 2025-02-19 | CVE-2024-13336 | cve | The Disable Auto Updates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce va... |
| 5.4 | 2025-02-19 | CVE-2024-13339 | cve | The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.6. This is due to missing or incorrect no... |
| 6.1 | 2025-02-19 | CVE-2024-13363 | cve | The Raptive Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'poc' parameter in all versions up to, and including, 3.6.3 due to insuffi... |
| 5.3 | 2025-02-19 | CVE-2024-13364 | cve | The Raptive Ads plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the site_ads_files_reset() and cls_file_reset() functions in all v... |
| N/A | 2025-02-19 | CVE-2025-1007 | cve | In OpenVSX version v0.9.0 to v0.20.0, the /user/namespace/{namespace}/details API allows a user to edit all namespace details, even if the user is not a namespace Owner or Co... |
| 4.8 | 2025-02-19 | CVE-2025-1024 | cve | A vulnerability exists in ChurchCRM 5.13.0 that allows an attacker to execute arbitrary JavaScript in a victim's browser via Reflected Cross-Site Scripting (XSS) in the Edi... |
| Page(s) : 1 ... 963 964 965 966 967 968 969 970 971 972 [973] 974 975 976 977 978 979 980 981 982 983 ... | Result(s) : 326662 |
