| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Caseproof, LLC MemberPress memberpress allows Reflected XSS.This issue affects MemberPress: from n/a through < 1.12.0. |
| Incorrect Privilege Assignment vulnerability in mojoomla WPAMS apartment-management allows Privilege Escalation.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPAMS apartment-management allows SQL Injection.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration user-registration allows Reflected XSS.This issue affects User Registration: from n/a through < 4.2.0. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ashraful Sarkar Naiem License For Envato license-envato allows PHP Local File Inclusion.This issue affects License For Envato: from n/a through <= 1.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus@hotmail.com Anything Popup anything-popup allows Reflected XSS.This issue affects Anything Popup: from n/a through <= 7.3. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Crocoblock JetReviews jet-reviews allows PHP Local File Inclusion.This issue affects JetReviews: from n/a through <= 2.3.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla Hospital Management System hospital-management allows Reflected XSS.This issue affects Hospital Management System: from n/a through <= 47.0(20-11-2023). |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mojoomla WPAMS apartment-management allows Reflected XSS.This issue affects WPAMS: from n/a through <= 44.0 (17-08-2023). |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpoperations Opstore opstore allows PHP Local File Inclusion.This issue affects Opstore: from n/a through <= 1.4.5. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in cedcommerce Product Lister for eBay product-lister-ebay allows PHP Local File Inclusion.This issue affects Product Lister for eBay: from n/a through <= 2.0.9. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in codeworkweb Xews Lite xews-lite allows PHP Local File Inclusion.This issue affects Xews Lite: from n/a through <= 1.0.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in danielpataki ACF: Google Font Selector acf-google-font-selector-field allows Reflected XSS.This issue affects ACF: Google Font Selector: from n/a through <= 3.0.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in Kiotviet KiotViet Sync kiotvietsync allows Stored XSS.This issue affects KiotViet Sync: from n/a through <= 1.8.5. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Capturly Capturly capturly-optimize-your-website allows PHP Local File Inclusion.This issue affects Capturly: from n/a through <= 2.0.1. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows PHP Local File Inclusion.This issue affects Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light: from n/a through <= 2.4.37. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs Appsero Helper appsero-helper allows SQL Injection.This issue affects Appsero Helper: from n/a through <= 1.3.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in aseem1234 Best Posts Summary best-posts-summary allows Stored XSS.This issue affects Best Posts Summary: from n/a through <= 1.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Reflected XSS.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through <= 2.6.0. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in cnilsson iCafe Library icafe-library allows SQL Injection.This issue affects iCafe Library: from n/a through <= 1.8.3. |
