| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-Site Request Forgery (CSRF) vulnerability in Shayan Farhang Pazhooh ShayanWeb Admin FontChanger shayanweb-admin-fontchanger allows Stored XSS.This issue affects ShayanWeb Admin FontChanger: from n/a through <= 1.9.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in Xavier Media XM-Backup xm-backup allows Stored XSS.This issue affects XM-Backup: from n/a through <= 0.9.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in undsgn Uncode uncode allows Reflected XSS.This issue affects Uncode: from n/a through < 2.9.4.4. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vincent Boiardt Easy Flash Embed easy-flash-embed allows Stored XSS.This issue affects Easy Flash Embed: from n/a through <= 1.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in ericzane Floating Window Music Player floating-window-music-player allows Stored XSS.This issue affects Floating Window Music Player: from n/a through <= 3.4.2. |
| Missing Authorization vulnerability in FRESHFACE Custom CSS custom-css-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Custom CSS: from n/a through <= 1.4.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm_Force Ultimate Addons for WPBakery Page Builder ultimate_vc_addons allows Stored XSS.This issue affects Ultimate Addons for WPBakery Page Builder: from n/a through < 3.21.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in nitinmaurya12 Block Country block-country allows Stored XSS.This issue affects Block Country: from n/a through <= 1.0. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in solwin Blog Designer PRO blog-designer-pro.This issue affects Blog Designer PRO: from n/a through <= 3.4.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in johnh10 Video Blogster Lite video-blogster-lite allows Reflected XSS.This issue affects Video Blogster Lite: from n/a through <= 1.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Moloni Contribuinte Checkout contribuinte-checkout allows Stored XSS.This issue affects Contribuinte Checkout: from n/a through <= 2.0.03. |
| Deserialization of Untrusted Data vulnerability in Florent Maillefaud WP Maintenance wp-maintenance allows Object Injection.This issue affects WP Maintenance: from n/a through <= 6.1.9.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FunnelCockpit FunnelCockpit funnelcockpit allows Reflected XSS.This issue affects FunnelCockpit: from n/a through <= 1.4.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Faiyaz Alam User Login History user-login-history allows Stored XSS.This issue affects User Login History: from n/a through <= 2.1.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cookiecode CookieCode cookiecode allows Stored XSS.This issue affects CookieCode: from n/a through <= 2.4.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in qusupport LiveAgent liveagent allows Cross Site Request Forgery.This issue affects LiveAgent: from n/a through <= 4.4.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bistromatic N360 | Splash Screen n360-splash-screen allows Stored XSS.This issue affects N360 | Splash Screen: from n/a through <= 1.0.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woobox Woobox woobox allows Stored XSS.This issue affects Woobox: from n/a through <= 1.6. |
