| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-Site Request Forgery (CSRF) vulnerability in Arshid Easy Hide Login.This issue affects Easy Hide Login: from n/a through 1.0.8. |
| Cross-Site Request Forgery (CSRF) vulnerability in Marco Steinbrecher WP BrowserUpdate plugin <= 4.4.1 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Steve Curtis, St. Pete Design Gps Plotter plugin <= 5.1.4 versions. |
| Missing Authorization vulnerability in Jose Vega Display custom fields in the frontend – Post and User Profile Fields allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display custom fields in the frontend – Post and User Profile Fields: from n/a through 1.2.0. |
| Missing Authorization vulnerability in wooproductimporter Sharkdropship for AliExpress Dropship and Affiliate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sharkdropship for AliExpress Dropship and Affiliate: from n/a through 2.2.3. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BannerSky BSK Forms Blacklist.This issue affects BSK Forms Blacklist: from n/a through 3.6.2. |
| Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8. |
| Missing Authorization vulnerability in YummyWP Smart WooCommerce Search allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart WooCommerce Search: from n/a through 2.5.0. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CreativeMindsSolutions CM Popup Plugin for WordPress.This issue affects CM Popup Plugin for WordPress: from n/a through 1.5.10. |
| Missing Authorization vulnerability in Matthew Ruddy Easing Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easing Slider : from n/a through 3.0.8. |
| Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Featured Post Creative allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Featured Post Creative: from n/a through 1.2.7. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themefic Ultimate Addons for Contact Form 7.This issue affects Ultimate Addons for Contact Form 7: from n/a through 3.1.23. |
| Missing Authorization vulnerability in HashThemes Square allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Square: from n/a through 2.0.0. |
| Missing Authorization vulnerability in Stamped.io Stamped.io Product Reviews & UGC for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stamped.io Product Reviews & UGC for WooCommerce: from n/a through 2.3.2. |
| Missing Authorization vulnerability in Sparkle WP Educenter.This issue affects Educenter: from n/a through 1.5.5. |
| Missing Authorization vulnerability in Sparkle Themes Blogger Buzz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Blogger Buzz: from n/a through 1.2.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters plugin <= 4.8.8 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple Job Board plugin <= 2.10.3 versions. |
| Cross-Site Request Forgery (CSRF) vulnerability in SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress plugin <= 1.1.3 versions. |
| Missing Authorization vulnerability in 腾讯云 tencentcloud-cos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects tencentcloud-cos: from n/a through 1.0.7. |
