| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unrestricted Upload of File with Dangerous Type vulnerability in paxmanpwnz Product Website Showcase product-websites-showcase allows Upload a Web Shell to a Web Server.This issue affects Product Website Showcase: from n/a through <= 1.0. |
| Unrestricted Upload of File with Dangerous Type vulnerability in photokiteditor photokit photokit allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through <= 1.0. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion author-discussion allows Blind SQL Injection.This issue affects Author Discussion: from n/a through <= 0.2.2. |
| Incorrect Privilege Assignment vulnerability in gerryworks GERRYWORKS Post by Mail gerryworks-post-by-mail allows Privilege Escalation.This issue affects GERRYWORKS Post by Mail: from n/a through <= 1.0. |
| Unrestricted Upload of File with Dangerous Type vulnerability in redhopit WP Dropbox Dropins wp-dropbox-dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through <= 1.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DotsquaresLtd Google Map Locations google-map-locations allows Reflected XSS.This issue affects Google Map Locations: from n/a through <= 1.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in Stefan Nour AVChat Video Chat avchat-3 allows Stored XSS.This issue affects AVChat Video Chat: from n/a through <= 2.2. |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in N-Media Simple User Registration wp-registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through <= 6.7. |
| Cross-Site Request Forgery (CSRF) vulnerability in sh4d0w28 GoogleDrive folder list googledrive-folder-list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through <= 2.2.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unizoe Web Solutions jLayer Parallax Slider jlayer-parallax-slider-wp allows Reflected XSS.This issue affects jLayer Parallax Slider: from n/a through <= 1.0. |
| Deserialization of Untrusted Data vulnerability in giveawayboost Giveaway Boost giveaway-boost allows Object Injection.This issue affects Giveaway Boost: from n/a through <= 2.1.4. |
| Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Property Lot Management System plms allows Upload a Web Shell to a Web Server.This issue affects Property Lot Management System: from n/a through <= 4.2.38. |
| Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds nicebackgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through <= 1.0. |
| Unrestricted Upload of File with Dangerous Type vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through <= 1.0.0. |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through <= 1.0.0. |
| Unrestricted Upload of File with Dangerous Type vulnerability in bepitulaz Woostagram Connect woostagram-connect allows Upload a Web Shell to a Web Server.This issue affects Woostagram Connect: from n/a through <= 1.0.2. |
| Unrestricted Upload of File with Dangerous Type vulnerability in Vasileios Kerasiotis Affiliator affiliator-lite allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through <= 2.1.3. |
| Missing Authorization vulnerability in wpdiscover Photo Gallery Builder photo-gallery-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Photo Gallery Builder: from n/a through <= 3.0. |
| Unrestricted Upload of File with Dangerous Type vulnerability in sovratecdev Sovratec Case Management sovratec-case-management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Case Management: from n/a through <= 1.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahriar Alam All in One Slider all-in-one-slider allows Reflected XSS.This issue affects All in One Slider: from n/a through <= 1.1. |
