| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Missing Authorization vulnerability in Cimatti Consulting Contact Forms by Cimatti allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Forms by Cimatti: from n/a through 1.5.7. |
| Missing Authorization vulnerability in Dynamic.ooo Dynamic Visibility for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamic Visibility for Elementor: from n/a through 5.0.5. |
| Missing Authorization vulnerability in SendPress SendPress Newsletters.This issue affects SendPress Newsletters: from n/a through 1.23.11.6. |
| Missing Authorization vulnerability in Constant Contact Constant Contact Forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constant Contact Forms: from n/a through 2.0.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in WPClever WPC Smart Wishlist for WooCommerce plugin <= 4.7.1 versions. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP Project Manager wedevs-project-manager allows SQL Injection.This issue affects WP Project Manager: from n/a through 2.6.0. |
| Missing Authorization vulnerability in Gesundheit Bewegt GmbH Zippy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Zippy: from n/a through 1.6.2. |
| Missing Authorization vulnerability in Rextheme Change WooCommerce Add To Cart Button Text allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Change WooCommerce Add To Cart Button Text: from n/a through 1.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in Didier Sampaolo SpamReferrerBlock plugin <= 2.22 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Peter Shaw LH Password Changer plugin <= 1.55 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in WP-Cirrus plugin <= 0.6.11 versions. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Groundhogg Inc. Groundhogg allows SQL Injection.This issue affects Groundhogg: from n/a through 2.7.11. |
| Cross-Site Request Forgery (CSRF) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Kenth Hagström WP-Cache.Com plugin <= 1.1.1 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Alex Raven WP Report Post plugin <= 2.1.2 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in SAKURA Internet Inc. TS Webfonts for さくらのレンタルサーバ plugin <= 3.1.2 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Malinky Ajax Pagination and Infinite Scroll plugin <= 2.0.1 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Hide Login plugin <= 2.1.6 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in Guillemant David WP Full Auto Tags Manager plugin <= 2.2 versions. |
