| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bulktheme WOOEXIM wooexim allows SQL Injection.This issue affects WOOEXIM: from n/a through <= 5.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in roya khosravi SingSong singsong allows Stored XSS.This issue affects SingSong: from n/a through <= 1.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Farrell wp Hosting Performance Check wp-hosting-performance-check allows Reflected XSS.This issue affects wp Hosting Performance Check: from n/a through <= 2.18.8. |
| Cross-Site Request Forgery (CSRF) vulnerability in Tock Tock Widget tock-widget allows Cross Site Request Forgery.This issue affects Tock Widget: from n/a through <= 1.1. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jerodmoore eDoc Easy Tables edoc-easy-tables allows SQL Injection.This issue affects eDoc Easy Tables: from n/a through <= 1.29. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yamna Khawaja KNR Author List Widget knr-author-list-widget allows Reflected XSS.This issue affects KNR Author List Widget: from n/a through <= 3.1.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Phillips Simple Locator simple-locator allows Reflected XSS.This issue affects Simple Locator: from n/a through <= 2.0.4. |
| Deserialization of Untrusted Data vulnerability in kkarpieszuk WC Price History for Omnibus wc-price-history allows Object Injection.This issue affects WC Price History for Omnibus: from n/a through <= 2.1.4. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in roninwp FAT Event Lite fat-event-lite allows PHP Local File Inclusion.This issue affects FAT Event Lite: from n/a through <= 1.1. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in iDo8p WPMU Prefill Post wpmu-prefill-post allows SQL Injection.This issue affects WPMU Prefill Post: from n/a through <= 1.02. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Smart Agenda Smart Agenda smart-agenda-prise-de-rendez-vous-en-ligne allows Stored XSS.This issue affects Smart Agenda: from n/a through <= 4.7. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crispweb NC Wishlist for Woocommerce nc-wishlist-for-woocommerce allows SQL Injection.This issue affects NC Wishlist for Woocommerce: from n/a through <= 1.0.1. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mindvalley MindValley Super PageMash mindvalley-pagemash allows SQL Injection.This issue affects MindValley Super PageMash: from n/a through <= 1.1. |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Improve My City Improve My City improve-my-city allows Reflected XSS.This issue affects Improve My City: from n/a through <= 1.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FAKTOR VIER F4 Post Tree f4-tree allows Reflected XSS.This issue affects F4 Post Tree: from n/a through <= 1.1.18. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N3wNormal LucidLMS lucidlms allows Reflected XSS.This issue affects LucidLMS: from n/a through <= 1.0.5. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Service Shogun Ach Invoice App ach-invoice-app allows PHP Local File Inclusion.This issue affects Ach Invoice App: from n/a through <= 1.0.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Opentracker Opentracker Analytics opentracker-analytics allows Reflected XSS.This issue affects Opentracker Analytics: from n/a through <= 1.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in promact WP Azure offload wp-azure-offload allows Reflected XSS.This issue affects WP Azure offload: from n/a through <= 2.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pjfc SyncFields syncfields allows Reflected XSS.This issue affects SyncFields: from n/a through <= 2.1. |
