| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Qi Blocks plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.4.3. This is due to the plugin storing arbitrary CSS styles submitted via the `qi-blocks/v1/update-styles` REST API endpoint without proper sanitization in the `update_global_styles_callback()` function. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary CSS, which can be used to perform actions such as hiding content, overlaying fake UI elements, or exfiltrating sensitive information via CSS injection techniques. |
| The WP Delicious – Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress is vulnerable to arbitrary file uploads when importing recipes via CSV in all versions up to, and including, 1.9.0. This flaw allows an attacker with at least Contributor-level permissions to upload a malicious PHP file by providing a remote URL during a recipe import process, leading to Remote Code Execution (RCE). |
| The TablePress – Tables in WordPress made easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `table` shortcode attributes in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
| The CE21 Suite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.3.1 via the log file. This makes it possible for unauthenticated attackers to extract sensitive data including authentication credentials, which can be used to log in as other users as long as they have used the plugin's custom authentication feature before. This may include administrators, which makes a complete site takeover possible. |
| The Crypto Payment Gateway with Payeer for WooCommerce plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 1.0.3. This is due to the plugin not properly verifying a payments status through server-side validation though the /wc-api/bp-payeer-gateway-callback endpoint. This makes it possible for unauthenticated attackers to update unpaid order statuses to paid resulting in a loss of revenue. |
| The EM Beer Manager plugin for WordPress is vulnerable to arbitrary file upload leading to remote code execution in all versions up to, and including, 3.2.3. This is due to missing file type validation in the EMBM_Admin_Untappd_Import_image() function and missing authorization checks on the wp_ajax_embm-untappd-import action. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary files including PHP files and execute code on the server granted they can provide a mock HTTP server that responds with specific JSON data. |
| The a+HRD developed by aEnrich has a Missing Authorization vulnerability, allowing authenticated remote attackers to arbitrarily read database contents through a specific API method. |
| The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including HTML documents, which may result in a XSS-like effect. |
| DeepL Chrome browser extension versions from v1.22.0 to v.1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in a user's browser, and inject malicious HTML into web pages viewed by the user. |
| Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors.
Affected version is prior to commit 1.30.0. |
| Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes.
Affected version is prior to commit 1.30.0. |
| Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors.
Affected version is prior to commit 1.30.0. |
| Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation.
Affected version is prior to commit 1.30.0. |
| Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes.
Affected version is prior to commit 1.30.0. |
| Improper validation of STRING tensor offsets could allows malformed string metadata to trigger out of bounds access during constant tensor import in Samsung Open Source ONE
Affected version is prior to commit 1.30.0. |
| The Mang Board WP plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'mp' parameter in all versions up to, and including, 2.3.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. |
| The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'delete_orphaned' function in all versions up to, and including, 13.7.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Editor-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database, granted they can convince an author-level user or higher to add a malicious custom field value. |
| The Gallery Plugin for WordPress – Envira Photo Gallery plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/envira-convert/v1/bulk-convert' REST API endpoint in all versions up to, and including, 1.11.0. This makes it possible for authenticated attackers, with contributor-level access and above, to convert galleries to Envira galleries. |
| The Crypto plugin for WordPress is vulnerable to unauthorized manipulation of data in all versions up to, and including, 2.22. This is due to the plugin registering an unauthenticated AJAX action (wp_ajax_nopriv_crypto_connect_ajax_process) that allows calling the crypto_delete_json method with only a publicly-available nonce check. This makes it possible for unauthenticated attackers to delete specific JSON files matching the pattern *_pending.json within the wp-content/uploads/yak/ directory, causing data loss and denial of service for plugin workflows that rely on these artifacts. |
| The CTL Arcade Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the 'ctl_arcade_lite_page_manage_games' page. This makes it possible for unauthenticated attackers to deactivate and activate arbitrary plugins via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. |
