| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in WPExperts.io WP Multistore Locator wp-multi-store-locator allows Reflected XSS.This issue affects WP Multistore Locator: from n/a through <= 2.4.7. |
| Missing Authorization vulnerability in webraketen Internal Links Manager seo-automated-link-building allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Internal Links Manager: from n/a through <= 2.5.2. |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in listamester Listamester listamester allows Stored XSS.This issue affects Listamester: from n/a through <= 2.3.4. |
| Improper Control of Generation of Code ('Code Injection') vulnerability in wpspin Post/Page Copying Tool postpage-import-export-with-custom-fields-taxonomies allows Remote Code Inclusion.This issue affects Post/Page Copying Tool: from n/a through <= 2.0.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in umangmetatagg Custom WP Store Locator custom-store-locator allows Reflected XSS.This issue affects Custom WP Store Locator: from n/a through <= 1.4.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in osama.esh WP Visitor Statistics (Real Time Traffic) wp-stats-manager allows Stored XSS.This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through <= 7.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Denis Cherniatev ShMapper by Teplitsa shmapper-by-teplitsa allows Stored XSS.This issue affects ShMapper by Teplitsa: from n/a through <= 1.5.0. |
| Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in AyeCode Ketchup Shortcodes ketchup-shortcodes-pack allows Stored XSS.This issue affects Ketchup Shortcodes: from n/a through <= 0.1.2. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in codepeople Form Builder CP cp-easy-form-builder allows SQL Injection.This issue affects Form Builder CP: from n/a through <= 1.2.41. |
| Deserialization of Untrusted Data vulnerability in Pdfcrowd Dev Team Save as PDF save-as-pdf-by-pdfcrowd allows Object Injection.This issue affects Save as PDF: from n/a through <= 4.4.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dhanendran Rajagopal Term Taxonomy Converter term-taxonomy-converter allows Reflected XSS.This issue affects Term Taxonomy Converter: from n/a through <= 1.2. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in serpednet SERPed.net serped-net allows SQL Injection.This issue affects SERPed.net: from n/a through <= 4.4. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle PPOM for WooCommerce woocommerce-product-addon allows Stored XSS.This issue affects PPOM for WooCommerce: from n/a through <= 33.0.8. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology Small Package Quotes – Worldwide Express Edition small-package-quotes-wwe-edition allows SQL Injection.This issue affects Small Package Quotes – Worldwide Express Edition: from n/a through <= 5.2.17. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle AI Chatbot for WordPress – Hyve Lite hyve-lite allows Stored XSS.This issue affects AI Chatbot for WordPress – Hyve Lite: from n/a through <= 1.2.2. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology Small Package Quotes – Unishippers Edition small-package-quotes-unishippers-edition allows SQL Injection.This issue affects Small Package Quotes – Unishippers Edition: from n/a through <= 2.4.8. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology LTL Freight Quotes – Worldwide Express Edition ltl-freight-quotes-worldwide-express-edition allows SQL Injection.This issue affects LTL Freight Quotes – Worldwide Express Edition: from n/a through <= 5.0.20. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mra13 Simple Download Monitor simple-download-monitor allows Blind SQL Injection.This issue affects Simple Download Monitor: from n/a through <= 3.9.25. |
| Deserialization of Untrusted Data vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce ecab-taxi-booking-manager allows Object Injection.This issue affects Taxi Booking Manager for WooCommerce: from n/a through <= 1.1.8. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp.insider Simple Membership Custom Messages simple-membership-custom-messages allows Reflected XSS.This issue affects Simple Membership Custom Messages: from n/a through <= 2.4. |
