| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ivan82 User List user-list allows Reflected XSS.This issue affects User List: from n/a through <= 1.5.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in IT-RAYS RAYS Grid rays-grid allows Cross Site Request Forgery.This issue affects RAYS Grid: from n/a through <= 1.3.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in hosting.io JPG, PNG Compression and Optimization wp-image-compression allows Cross Site Request Forgery.This issue affects JPG, PNG Compression and Optimization: from n/a through <= 1.7.35. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bernd Altmeier Google Maps GPX Viewer google-maps-gpx-viewer allows Reflected XSS.This issue affects Google Maps GPX Viewer: from n/a through <= 3.6. |
| Cross-Site Request Forgery (CSRF) vulnerability in luk3thomas Bulk Content Creator bulk-content-creator allows Cross Site Request Forgery.This issue affects Bulk Content Creator: from n/a through <= 1.2.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in oooorgle Quotes llama quotes-llama allows Reflected XSS.This issue affects Quotes llama: from n/a through <= 3.0.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pathomation Pathomation pathomation allows Stored XSS.This issue affects Pathomation: from n/a through <= 2.5.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themelogger Contact Form 7 Star Rating with font Awesome contact-form-7-star-rating-with-font-awersome allows Stored XSS.This issue affects Contact Form 7 Star Rating with font Awesome: from n/a through <= 1.3. |
| Deserialization of Untrusted Data vulnerability in Nazmul Hasan Robin NHR Options Table Manager nhrrob-options-table-manager allows Object Injection.This issue affects NHR Options Table Manager: from n/a through <= 1.1.2. |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Asia MyTicket Events myticket-events allows Path Traversal.This issue affects MyTicket Events: from n/a through <= 1.2.4. |
| Missing Authorization vulnerability in revenueflex Auto Ad Inserter – Increase Google Adsense and Ad Manager Revenue revenueflex-easy-ads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Auto Ad Inserter – Increase Google Adsense and Ad Manager Revenue: from n/a through <= 1.5. |
| Missing Authorization vulnerability in platcom WP-Asambleas wp-asambleas allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-Asambleas: from n/a through <= 2.85.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webparexapp Shipmozo Courier Tracking webparex allows Reflected XSS.This issue affects Shipmozo Courier Tracking: from n/a through <= 1.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PoppinsDigital.com WPYog Documents wpyog-documents allows Reflected XSS.This issue affects WPYog Documents: from n/a through <= 1.3.5. |
| Cross-Site Request Forgery (CSRF) vulnerability in seyyed-amir Erima Zarinpal Donate erima-zarinpal-donate allows Cross Site Request Forgery.This issue affects Erima Zarinpal Donate: from n/a through <= 1.0. |
| Deserialization of Untrusted Data vulnerability in ssvadim SS Quiz ssquiz allows Object Injection.This issue affects SS Quiz: from n/a through <= 2.0.5. |
| Deserialization of Untrusted Data vulnerability in saoshyant1994 Saoshyant Slider saoshyant-slider allows Object Injection.This issue affects Saoshyant Slider: from n/a through <= 3.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in divspark Flagged Content flagged-content allows Reflected XSS.This issue affects Flagged Content: from n/a through <= 1.0.2. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cookforweb All In Menu all-in-menu allows Blind SQL Injection.This issue affects All In Menu: from n/a through <= 1.1.5. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lynk Flashfader flashfader allows Reflected XSS.This issue affects Flashfader: from n/a through <= 1.1.1. |
