| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Authorization Bypass Through User-Controlled Key vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus.This issue affects WP Photo Album Plus: from n/a through 8.5.02.005. |
| Unrestricted Upload of File with Dangerous Type vulnerability in Symbiostock symbiostock.This issue affects Symbiostock: from n/a through 6.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Reflected XSS.This issue affects Smart External Link Click Monitor [Link Log]: from n/a through 5.0.2. |
| Deserialization of Untrusted Data vulnerability in Phpbits Creative Studio Genesis Simple Love.This issue affects Genesis Simple Love: from n/a through 2.0. |
| Deserialization of Untrusted Data vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6. |
| Cross-Site Request Forgery (CSRF) vulnerability in Denis Kobozev CSV Importer.This issue affects CSV Importer: from n/a through 0.3.8. |
| Deserialization of Untrusted Data vulnerability in Tim Brattberg BCorp Shortcodes.This issue affects BCorp Shortcodes: from n/a through 0.23. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Hakan Demiray Sayfa Sayac.This issue affects Sayfa Sayac: from n/a through 2.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Stored XSS.This issue affects WP-FormAssembly: from n/a through 2.0.10. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Raschendorfer Smart External Link Click Monitor [Link Log] allows Stored XSS.This issue affects Smart External Link Click Monitor [Link Log]: from n/a through 5.0.2. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spoonthemes Couponis - Affiliate & Submitting Coupons WordPress Theme.This issue affects Couponis - Affiliate & Submitting Coupons WordPress Theme: from n/a before 2.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Gravity Master Product Enquiry for WooCommerce.This issue affects Product Enquiry for WooCommerce: from n/a through 3.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.4. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spoon themes Adifier - Classified Ads WordPress Theme.This issue affects Adifier - Classified Ads WordPress Theme: from n/a before 3.1.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in Giannopoulos Kostas WPsoonOnlinePage.This issue affects WPsoonOnlinePage: from n/a through 1.9. |
| Authorization Bypass Through User-Controlled Key vulnerability in Blaz K. Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Biteship Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo allows Stored XSS.This issue affects Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo: from n/a through 2.2.24. |
| Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu Block for Font Awesome.This issue affects Block for Font Awesome: from n/a through 1.4.0. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Younes JFR. Advanced Database Cleaner.This issue affects Advanced Database Cleaner: from n/a through 3.1.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in gVectors Team WooDiscuz – WooCommerce Comments.This issue affects WooDiscuz – WooCommerce Comments: from n/a through 2.3.0. |
