Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 963 964 965 966 967 968 969 970 971 972 [973] 974 975 976 977 978 979 980 981 982 983 ... Result(s) : 326662

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
8.8 2025-02-19 CVE-2024-13592 cve The Team Builder For WPBakery Page Builder(Formerly Visual Composer) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0 via the...
6.4 2025-02-19 CVE-2024-13657 cve The Store Locator Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'storelocatorwidget' shortcode in all versions up to, ...
6.4 2025-02-19 CVE-2024-13660 cve The Responsive Flickr Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fshow' shortcode in all versions up to, and in...
6.4 2025-02-19 CVE-2024-13663 cve The Coaching Staffs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mstw-cs-table' shortcode in all versions up to, and includ...
6.4 2025-02-19 CVE-2024-13674 cve The Cosmic Blocks (40+) Content Editor Blocks Collection plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cwp_social_share' sho...
6.5 2025-02-19 CVE-2024-13676 cve The Categorized Gallery Plugin plugin for WordPress is vulnerable to SQL Injection via the 'field' attribute of the 'image_gallery' shortcode in all versions...
5.4 2025-02-19 CVE-2024-13679 cve The Widget BUY.BOX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'buybox-widget' shortcode in all versions up to, and includi...
6.1 2025-02-19 CVE-2024-13711 cve The Pollin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'question' parameter in all versions up to, and including, 1.01.1 due to insuff...
4.9 2025-02-19 CVE-2024-13712 cve The Pollin plugin for WordPress is vulnerable to SQL Injection via the 'question' parameter in all versions up to, and including, 1.01.1 due to insufficient escaping o...
5.3 2025-02-19 CVE-2024-13719 cve The PeproDev Ultimate Invoice plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.0.8 via the invoicing viewer due to ...
6.1 2025-02-19 CVE-2024-13736 cve The Pure Chat – Live Chat & More! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘purechatWidgetName’ parameter in all versions up to, and including, ...
4.3 2025-02-19 CVE-2024-13854 cve The Education Addon for Elementor plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.3.1 via the naedu_elementor_temp...
6.5 2025-02-19 CVE-2025-0865 cve The WP Media Category Management plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.0 to 2.3.3. This is due to missing or incorrect nonce validation ...
5.3 2025-02-19 CVE-2024-13231 cve The WordPress Portfolio Builder – Portfolio Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'add_vi...
4.3 2025-02-19 CVE-2024-13336 cve The Disable Auto Updates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce va...
5.4 2025-02-19 CVE-2024-13339 cve The DeBounce Email Validator plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.6. This is due to missing or incorrect no...
6.1 2025-02-19 CVE-2024-13363 cve The Raptive Ads plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'poc' parameter in all versions up to, and including, 3.6.3 due to insuffi...
5.3 2025-02-19 CVE-2024-13364 cve The Raptive Ads plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the site_ads_files_reset() and cls_file_reset() functions in all v...
N/A 2025-02-19 CVE-2025-1007 cve In OpenVSX version v0.9.0 to v0.20.0, the /user/namespace/{namespace}/details API allows a user to edit all namespace details, even if the user is not a namespace Owner or Co...
4.8 2025-02-19 CVE-2025-1024 cve A vulnerability exists in ChurchCRM 5.13.0 that allows an attacker to execute arbitrary JavaScript in a victim's browser via Reflected Cross-Site Scripting (XSS) in the Edi...
Page(s) : 1 ... 963 964 965 966 967 968 969 970 971 972 [973] 974 975 976 977 978 979 980 981 982 983 ... Result(s) : 326662