| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Missing Authorization vulnerability in Black and White BookPress – For Book Authors book-press allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BookPress – For Book Authors: from n/a through <= 1.2.7. |
| Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation inlocation allows Stored XSS.This issue affects InLocation: from n/a through <= 1.8. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in richardgabriel Staff Directory Plugin: Company Directory staff-directory-pro allows Stored XSS.This issue affects Staff Directory Plugin: Company Directory: from n/a through <= 4.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yuichiro ABE Meta Accelerator meta-accelerator allows Reflected XSS.This issue affects Meta Accelerator: from n/a through <= 1.0.4. |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zach Swetz Plugin A/B Image Optimizer images-optimizer allows Path Traversal.This issue affects Plugin A/B Image Optimizer: from n/a through <= 3.3. |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in kutu62 Sports Rankings and Lists sports-rankings-lists allows Absolute Path Traversal.This issue affects Sports Rankings and Lists: from n/a through <= 1.0.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SocialEvolution WP Find Your Nearest wp-find-your-nearest allows Reflected XSS.This issue affects WP Find Your Nearest: from n/a through <= 0.3.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in Mark Barnes Style Tweaker style-tweaker allows Stored XSS.This issue affects Style Tweaker: from n/a through <= 0.11. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robert_kolatzek WP doodlez wpdoodlez allows Stored XSS.This issue affects WP doodlez: from n/a through <= 1.0.10. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Antonio Sanchez Uncomplicated SEO uncomplicated-seo allows Reflected XSS.This issue affects Uncomplicated SEO: from n/a through <= 1.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpchurchteam WP Church Center wp-church-center allows Reflected XSS.This issue affects WP Church Center: from n/a through <= 1.3.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in Stanko Metodiev Quote Comments quote-comments allows Stored XSS.This issue affects Quote Comments: from n/a through <= 3.0.0. |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in efreja Music Sheet Viewer music-sheet-viewer allows Path Traversal.This issue affects Music Sheet Viewer: from n/a through <= 4.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in scweber Custom Comment Notifications custom-comment-notifications allows Stored XSS.This issue affects Custom Comment Notifications: from n/a through <= 1.0.8. |
| Cross-Site Request Forgery (CSRF) vulnerability in djjmz Simple Auto Tag simple-auto-tag allows Stored XSS.This issue affects Simple Auto Tag: from n/a through <= 1.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in LukaszWiecek Smart DoFollow smart-dofollow allows Stored XSS.This issue affects Smart DoFollow: from n/a through <= 1.0.2. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix uListing ulisting allows SQL Injection.This issue affects uListing: from n/a through <= 2.1.6. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix uListing ulisting allows Blind SQL Injection.This issue affects uListing: from n/a through <= 2.1.6. |
| Cross-Site Request Forgery (CSRF) vulnerability in Danillo Nunes Login-box login-box allows Stored XSS.This issue affects Login-box: from n/a through <= 2.0.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in ElbowRobo Read More Copy Link read-more-copy-link allows Stored XSS.This issue affects Read More Copy Link: from n/a through <= 1.0.2. |
