| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in seballero Emailing Subscription email-suscripcion allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through <= 1.4.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ka2 Custom DataBase Tables custom-database-tables allows Reflected XSS.This issue affects Custom DataBase Tables: from n/a through <= 2.1.34. |
| Cross-Site Request Forgery (CSRF) vulnerability in Ofek Nakar Virtual Bot virtual-bot allows Stored XSS.This issue affects Virtual Bot: from n/a through <= 1.0.0. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in traveller11 Google Maps Travel Route google-maps-travel-route allows SQL Injection.This issue affects Google Maps Travel Route: from n/a through <= 1.3.1. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hiren.sabd WP Music Player wp-music-player allows SQL Injection.This issue affects WP Music Player: from n/a through <= 1.3. |
| In the Drupal 7 Internationalization (i18n) module, the i18n_node submodule allows a user with both "Translate content" and "Administer content translations" permissions to view and attach unpublished nodes via the translation UI and its autocomplete widget. This bypasses intended access controls and discloses unpublished node titles and IDs.
Exploit affects versions 7.x-1.0 up to and including 7.x-1.35. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jonkern WPListCal wplistcal allows SQL Injection.This issue affects WPListCal: from n/a through <= 1.3.5. |
| Missing Authorization vulnerability in Ella Van Durpe Slides & Presentations slide allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slides & Presentations: from n/a through <= 0.0.39. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bulktheme WOOEXIM wooexim allows SQL Injection.This issue affects WOOEXIM: from n/a through <= 5.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in snagysandor Simple Photo Sphere simple-photo-sphere allows Stored XSS.This issue affects Simple Photo Sphere: from n/a through <= 0.0.10. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M Bilal M Urdu Formatter – Shamil urdu-formatter-shamil allows Stored XSS.This issue affects Urdu Formatter – Shamil: from n/a through <= 0.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PORTONE 아임포트 결제버튼 생성 플러그인 iamport-payment allows Stored XSS.This issue affects 아임포트 결제버튼 생성 플러그인: from n/a through <= 1.1.19. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wordpresteem WE Blocks we-blocks allows Stored XSS.This issue affects WE Blocks: from n/a through <= 1.3.5. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Huurkalender.nl Huurkalender WP huurkalender-wp allows Stored XSS.This issue affects Huurkalender WP: from n/a through <= 1.5.6. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Yamna Khawaja Mailing Group Listserv wp-mailing-group allows SQL Injection.This issue affects Mailing Group Listserv: from n/a through <= 2.0.9. |
| Deserialization of Untrusted Data vulnerability in mywebtonet PHP/MySQL CPU performance statistics mywebtonet-performancestats allows Object Injection.This issue affects PHP/MySQL CPU performance statistics: from n/a through <= 1.2.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bharat Kambariya Donation Block For PayPal donations-block allows Stored XSS.This issue affects Donation Block For PayPal: from n/a through <= 2.2.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in formafzar فرم ساز فرم افزار formafzar allows Stored XSS.This issue affects فرم ساز فرم افزار: from n/a through <= 2.0. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in scheduler Schedule schedule allows Blind SQL Injection.This issue affects Schedule: from n/a through <= 1.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in roya khosravi SingSong singsong allows Stored XSS.This issue affects SingSong: from n/a through <= 1.2. |
