| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unrestricted Upload of File with Dangerous Type vulnerability in Limbcode WordPress Gallery Plugin – Limb Image Gallery limb-gallery allows Code Injection.This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through <= 1.5.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nicheaddons Primary Addon for Elementor primary-addon-for-elementor allows Stored XSS.This issue affects Primary Addon for Elementor: from n/a through <= 1.5.8. |
| Path Traversal: '.../...//' vulnerability in Limbcode WordPress Gallery Plugin – Limb Image Gallery limb-gallery.This issue affects WordPress Gallery Plugin – Limb Image Gallery: from n/a through <= 1.5.7. |
| Unrestricted Upload of File with Dangerous Type vulnerability in Denis Azz Anonim Posting azz-anonim-posting allows Upload a Web Shell to a Web Server.This issue affects Azz Anonim Posting: from n/a through <= 0.9. |
| Incorrect Authorization vulnerability in WP Chill Htaccess File Editor htaccess-file-editor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Htaccess File Editor: from n/a through <= 1.0.18. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele Alessandra Da Reactions da-reactions allows Stored XSS.This issue affects Da Reactions: from n/a through <= 5.1.5. |
| Improper Control of Generation of Code ('Code Injection') vulnerability in sunjianle ajax-extend ajax-extend allows Code Injection.This issue affects ajax-extend: from n/a through <= 1.0. |
| Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in VaultDweller Leyka leyka.This issue affects Leyka: from n/a through <= 3.31.6. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Acnoo Maan Addons For Elementor maan-elementor-addons allows Local Code Inclusion.This issue affects Maan Addons For Elementor: from n/a through <= 1.0.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Table of Contents Plus table-of-contents-plus allows Cross Site Request Forgery.This issue affects Table of Contents Plus: from n/a through <= 2408. |
| Path Traversal: '.../...//' vulnerability in SMSA Express SMSA Shipping smsa-shipping-official allows Path Traversal.This issue affects SMSA Shipping: from n/a through <= 2.3. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ramjon27 Dynamic Elementor Addons dynamic-elementor-addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through <= 1.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tady Tito tito allows DOM-Based XSS.This issue affects Tito: from n/a through <= 2.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in ahmeti Ahmeti Wp Timeline ahmeti-wp-timeline allows Stored XSS.This issue affects Ahmeti Wp Timeline: from n/a through <= 5.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hafiz Uddin Ahmed Crazy Call To Action Box crazy-call-to-action-box allows DOM-Based XSS.This issue affects Crazy Call To Action Box: from n/a through <= 1.0.5. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themeworm Plexx Elementor Extension plexx-elementor-extension allows DOM-Based XSS.This issue affects Plexx Elementor Extension: from n/a through <= 1.3.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MadrasThemes MAS Elementor mas-addons-for-elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through <= 1.1.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in derethor El mejor Cluster mejorcluster allows DOM-Based XSS.This issue affects El mejor Cluster: from n/a through <= 1.1.15. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cyclop WordPress Video wordpress-video allows Stored XSS.This issue affects WordPress Video: from n/a through <= 1.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arifnezami Better Author Bio better-author-bio allows Reflected XSS.This issue affects Better Author Bio: from n/a through <= 2.7.10.11. |
