| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Missing Authorization vulnerability in ThemeHunk Zita Site Builder ai-site-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Zita Site Builder: from n/a through <= 1.0.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in rubengarzajr GitSync git-sync allows Code Injection.This issue affects GitSync: from n/a through <= 1.1.0. |
| Deserialization of Untrusted Data vulnerability in Ultimate Member ForumWP forumwp allows Object Injection.This issue affects ForumWP: from n/a through <= 2.1.0. |
| Generation of Error Message Containing Sensitive Information vulnerability in videogallery Vimeography vimeography allows Retrieve Embedded Sensitive Data.This issue affects Vimeography: from n/a through <= 2.4.4. |
| Incorrect Privilege Assignment vulnerability in Knowhalim KH Easy User Settings kh-easy-user-settings allows Privilege Escalation.This issue affects KH Easy User Settings: from n/a through <= 1.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spartac Feedpress Generator feedpress-generator allows Reflected XSS.This issue affects Feedpress Generator: from n/a through <= 1.2.1. |
| Incorrect Privilege Assignment vulnerability in saiful.total Wp NssUser Register wp-nssuser-register allows Privilege Escalation.This issue affects Wp NssUser Register: from n/a through <= 1.0.0. |
| Path Traversal: '.../...//' vulnerability in boggibill GetShop ecommerce getshop-ecommerce allows Path Traversal.This issue affects GetShop ecommerce: from n/a through <= 1.3. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in tenteeglobal Instant Appointment instant-appointment allows SQL Injection.This issue affects Instant Appointment: from n/a through <= 1.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in premila Gutensee gutensee allows DOM-Based XSS.This issue affects Gutensee: from n/a through <= 1.0.6. |
| Missing Authorization vulnerability in Saul Morales Pacheco Banner System banner-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Banner System: from n/a through <= 1.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Enrico Cantori 3D Avatar User Profile 3d-avatar-user-profile allows Reflected XSS.This issue affects 3D Avatar User Profile: from n/a through <= 1.0.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada avada.This issue affects Avada: from n/a through <= 7.11.10. |
| Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita meeting-scheduler-by-vcita allows Cross Site Request Forgery.This issue affects Online Booking & Scheduling Calendar for WordPress by vcita: from n/a through <= 4.5. |
| Cross-Site Request Forgery (CSRF) vulnerability in brandtoss WP Mailster wp-mailster allows Cross Site Request Forgery.This issue affects WP Mailster: from n/a through <= 1.8.17.0. |
| Missing Authorization vulnerability in beat.k Termin-Kalender termin-kalender allows Stored XSS.This issue affects Termin-Kalender: from n/a through <= 0.99.47. |
| Cross-Site Request Forgery (CSRF) vulnerability in wpgear Hack-Info hack-info allows Stored XSS.This issue affects Hack-Info: from n/a through <= 3.17. |
| Cross-Site Request Forgery (CSRF) vulnerability in Sabri Sogrid sogrid allows Privilege Escalation.This issue affects Sogrid: from n/a through <= 1.5.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Thomas K Landis Fancy Roller Scroller fancy-roller-scroller allows Stored XSS.This issue affects Fancy Roller Scroller: from n/a through <= 1.4.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hjyl hmd hmd allows Stored XSS.This issue affects hmd: from n/a through <= 2.0. |
