| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VarDump s.r.l. Advanced Post Search advanced-post-search allows Reflected XSS.This issue affects Advanced Post Search: from n/a through <= 1.1.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Tufts WP Cards wp-cards allows Reflected XSS.This issue affects WP Cards: from n/a through <= 1.5.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in svmidi OK Poster Group ok-poster-group allows Reflected XSS.This issue affects OK Poster Group: from n/a through <= 1.1. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ProfitShare.ro WP Profitshare wp-profitshare allows SQL Injection.This issue affects WP Profitshare: from n/a through <= 1.4.9. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Marcel-NL Super Simple Subscriptions super-simple-subscriptions allows SQL Injection.This issue affects Super Simple Subscriptions: from n/a through <= 1.1.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in Damian Orzol Contact Form 7 Material Design cf7-material-design allows Stored XSS.This issue affects Contact Form 7 Material Design: from n/a through <= 1.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in crosstec Breezing Forms breezing-forms allows Reflected XSS.This issue affects Breezing Forms: from n/a through <= 1.2.8.11. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZoomIt FoodMenu dzs-restaurantmenu allows Reflected XSS.This issue affects FoodMenu: from n/a through <= 1.20. |
| Incorrect Privilege Assignment vulnerability in AA-Team Responsive Coming Soon Landing Page / Holding Page for WordPress wordpress-flat-countdown allows Privilege Escalation.This issue affects Responsive Coming Soon Landing Page / Holding Page for WordPress: from n/a through <= 3.0. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Simen snssimen allows PHP Local File Inclusion.This issue affects Simen: from n/a through <= 4.6. |
| Missing Authorization vulnerability in August Infotech Multi-language Responsive Contact Form responsive-contact-form allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Multi-language Responsive Contact Form: from n/a through <= 2.8. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZoomIt WooCommerce Shop Page Builder dzs-wootable allows Reflected XSS.This issue affects WooCommerce Shop Page Builder: from n/a through <= 2.27.7. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in serpednet SERPed.net serped-net allows PHP Local File Inclusion.This issue affects SERPed.net: from n/a through <= 4.6. |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Jose Mortellaro Content No Cache content-no-cache allows Code Injection.This issue affects Content No Cache: from n/a through <= 0.1.4. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme SNS Anton snsanton allows PHP Local File Inclusion.This issue affects SNS Anton: from n/a through <= 4.1. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Evon snsevon allows PHP Local File Inclusion.This issue affects Evon: from n/a through <= 3.4. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme SNS Vicky snsvicky allows PHP Local File Inclusion.This issue affects SNS Vicky: from n/a through <= 3.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Reflected XSS.This issue affects WP Front User Submit / Front Editor: from n/a through <= 4.9.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in Webaholicson Epicwin Plugin epicwin-subscribers allows SQL Injection.This issue affects Epicwin Plugin: from n/a through <= 1.5. |
| Cross-Site Request Forgery (CSRF) vulnerability in Soli WP Mail Options wp-mail-options allows Stored XSS.This issue affects WP Mail Options: from n/a through <= 0.2.3. |
