| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unauthenticated Path Traversal in Shared Files <= 1.7.64 versions. |
| Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce <= 3.1.4 versions. |
| Unauthenticated PHP Object Injection in Integration for Salesforce and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.4.3 versions. |
| Unauthenticated PHP Object Injection in Integration for Contact Form 7 and Constant Contact <= 1.1.6 versions. |
| Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms <= 1.2.1 versions. |
| Unauthenticated Broken Access Control in TrueBooker <= 1.1.9 versions. |
| Subscriber Cross Site Scripting (XSS) in WP Job Portal <= 2.5.2 versions. |
| Subscriber Sensitive Data Exposure in Visual Link Preview <= 2.4.1 versions. |
| Unauthenticated Cross Site Scripting (XSS) in Stop Spammers <= 2026.3 versions. |
| Unauthenticated Broken Access Control in Montonio for WooCommerce <= 10.1.2 versions. |
| Unauthenticated Sensitive Data Exposure in EmbedPress <= 4.5.2 versions. |
| Unauthenticated Cross Site Scripting (XSS) in MW WP Form <= 5.1.3 versions. |
| Subscriber Cross Site Scripting (XSS) in King Addons for Elementor <= 51.1.62 versions. |
| Unauthenticated Insecure Direct Object References (IDOR) in Simple Shopping Cart <= 5.2.9 versions. |
| Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master <= 11.1.2 versions. |
| Unauthenticated Cross Site Scripting (XSS) in Post SMTP <= 3.6.2 versions. |
| Unauthenticated Remote Code Execution (RCE) in Easy Invoice <= 2.1.19 versions. |
| Unauthenticated Broken Access Control in Contact Form by WPForms <= 1.10.0.4 versions. |
| Unauthenticated Other Vulnerability Type in WpEvently <= 5.3.3 versions. |
| Unauthenticated SQL Injection in Realtyna Organic IDX plugin <= 5.1.0 versions. |
