| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Habibur Rahman Comment Form WP – Customize Default Comment Form comment-form-wp allows Stored XSS.This issue affects Comment Form WP – Customize Default Comment Form: from n/a through <= 2.0.1. |
| Missing Authorization vulnerability in priyanshumittal Shk Corporate shk-corporate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shk Corporate: from n/a through <= 2.4.1.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in The African Boss Get Cash get-cash allows Stored XSS.This issue affects Get Cash: from n/a through <= 3.2.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mndpsingh287 WP Mail wp-mail allows DOM-Based XSS.This issue affects WP Mail: from n/a through <= 1.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdever WP Notification Bell wp-notification-bell allows Stored XSS.This issue affects WP Notification Bell: from n/a through <= 1.4.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through <= 1.8. |
| Unrestricted Upload of File with Dangerous Type vulnerability in CreedAlly Bulk Featured Image bulk-featured-image allows Upload a Web Shell to a Web Server.This issue affects Bulk Featured Image: from n/a through <= 1.2.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in SwiftNinjaPro Developer Tools Blocker swiftninjapro-inspect-element-console-blocker allows Cross Site Request Forgery.This issue affects Developer Tools Blocker: from n/a through <= 3.2.1. |
| Missing Authorization vulnerability in desertthemes SoftMe softme allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SoftMe: from n/a through <= 1.1.27. |
| Missing Authorization vulnerability in Plugin Devs Product Carousel Slider for Elementor ecommerce-product-carousel-slider-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Carousel Slider for Elementor: from n/a through <= 2.1.3. |
| Deserialization of Untrusted Data vulnerability in Rubel Miah Aitasi Coming Soon aitasi-coming-soon allows Object Injection.This issue affects Aitasi Coming Soon: from n/a through <= 2.0.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ram Ratan Maurya Stagtools stagtools allows Stored XSS.This issue affects Stagtools: from n/a through <= 2.3.8. |
| Missing Authorization vulnerability in themearile Consultstreet consultstreet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Consultstreet: from n/a through <= 3.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PriceListo Best Restaurant Menu by PriceListo best-restaurant-menu-by-pricelisto allows Stored XSS.This issue affects Best Restaurant Menu by PriceListo: from n/a through <= 1.4.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP CodeUs Ultimate Client Dash ulimate-client-dash allows Stored XSS.This issue affects Ultimate Client Dash: from n/a through <= 4.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jimmywb Simple Link List Widget simple-link-list-widget allows Stored XSS.This issue affects Simple Link List Widget: from n/a through <= 0.3.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Nick Ciske To Lead For Salesforce salesforce-wordpress-to-lead allows Reflected XSS.This issue affects To Lead For Salesforce: from n/a through <= 2.7.3.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Babar prettyPhoto prettyphoto allows Stored XSS.This issue affects prettyPhoto: from n/a through <= 1.2.5. |
| Cross-Site Request Forgery (CSRF) vulnerability in Dsingh Purge Varnish Cache purge-varnish allows Stored XSS.This issue affects Purge Varnish Cache: from n/a through <= 2.6. |
| Cross-Site Request Forgery (CSRF) vulnerability in Tom Longridge WordPress Error Monitoring by Bugsnag bugsnag allows Stored XSS.This issue affects WordPress Error Monitoring by Bugsnag: from n/a through <= 1.6.3. |
