| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Path Traversal: '.../...//' vulnerability in Ihor Kit Morkva UA Shipping morkva-ua-shipping allows PHP Local File Inclusion.This issue affects Morkva UA Shipping: from n/a through <= 1.0.18. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ederson Peka Media Downloader media-downloader allows Reflected XSS.This issue affects Media Downloader: from n/a through <= 0.4.7.5. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Chill RSVP and Event Management rsvp allows SQL Injection.This issue affects RSVP and Event Management: from n/a through <= 2.7.14. |
| Missing Authorization vulnerability in Michael Super Block Slider super-block-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Super Block Slider: from n/a through <= 2.7.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpWax Product Carousel Slider & Grid Ultimate for WooCommerce woo-product-carousel-slider-and-grid-ultimate allows Stored XSS.This issue affects Product Carousel Slider & Grid Ultimate for WooCommerce: from n/a through <= 1.10.0. |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows Reflected XSS.This issue affects WP Multistore Locator: from n/a through <= 2.4.7. |
| Missing Authorization vulnerability in webraketen Internal Links Manager seo-automated-link-building allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Internal Links Manager: from n/a through <= 2.5.2. |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in listamester Listamester listamester allows Stored XSS.This issue affects Listamester: from n/a through <= 2.3.4. |
| Improper Control of Generation of Code ('Code Injection') vulnerability in wpspin Post/Page Copying Tool postpage-import-export-with-custom-fields-taxonomies allows Remote Code Inclusion.This issue affects Post/Page Copying Tool: from n/a through <= 2.0.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in umangmetatagg Custom WP Store Locator custom-store-locator allows Reflected XSS.This issue affects Custom WP Store Locator: from n/a through <= 1.4.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) wp-stats-manager allows Stored XSS.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through <= 7.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Denis Cherniatev ShMapper by Teplitsa shmapper-by-teplitsa allows Stored XSS.This issue affects ShMapper by Teplitsa: from n/a through <= 1.5.0. |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in AyeCode Ketchup Shortcodes ketchup-shortcodes-pack allows Stored XSS.This issue affects Ketchup Shortcodes: from n/a through <= 0.1.2. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in codepeople Form Builder CP cp-easy-form-builder allows SQL Injection.This issue affects Form Builder CP: from n/a through <= 1.2.41. |
| Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through <= 4.4.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dhanendran Rajagopal Term Taxonomy Converter term-taxonomy-converter allows Reflected XSS.This issue affects Term Taxonomy Converter: from n/a through <= 1.2. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in serpednet SERPed.net serped-net allows SQL Injection.This issue affects SERPed.net: from n/a through <= 4.4. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Stored XSS.This issue affects PPOM for WooCommerce: from n/a through <= 33.0.8. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition small-package-quotes-wwe-edition allows SQL Injection.This issue affects Small Package Quotes – Worldwide Express Edition: from n/a through <= 5.2.17. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle AI Chatbot for WordPress – Hyve Lite hyve-lite allows Stored XSS.This issue affects AI Chatbot for WordPress – Hyve Lite: from n/a through <= 1.2.2. |
