| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unrestricted Upload of File with Dangerous Type vulnerability in WebFactory AiBud WP aibuddy-openai-chatgpt allows Upload a Web Shell to a Web Server.This issue affects AiBud WP: from n/a through <= 1.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ajitae Google Plus google-plus-google allows Reflected XSS.This issue affects Google Plus: from n/a through <= 1.0.2. |
| Missing Authorization vulnerability in flymke Mark Posts mark-posts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mark Posts: from n/a through <= 2.2.4. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in basteln3rk Save & Import Image from URL save-import-image-from-url allows Reflected XSS.This issue affects Save & Import Image from URL: from n/a through <= 0.7. |
| Missing Authorization vulnerability in FADI MED Editor Wysiwyg Background Color editor-wysiwyg-background-color allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Editor Wysiwyg Background Color: from n/a through <= 1.0. |
| Missing Authorization vulnerability in surdotly Sur.ly surly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sur.ly: from n/a through <= 3.0.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard Leishman WP Easy Post Mailer wp-mailer allows Reflected XSS.This issue affects WP Easy Post Mailer: from n/a through <= 0.64. |
| Missing Authorization vulnerability in xola Xola xola-bookings-for-tours-activities allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Xola: from n/a through <= 1.6. |
| Missing Authorization vulnerability in awcode Salvador – AI Image Generator salvador-ai-image-generator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Salvador – AI Image Generator: from n/a through <= 1.0.11. |
| Unrestricted Upload of File with Dangerous Type vulnerability in Scriptonite user files user-files allows Upload a Web Shell to a Web Server.This issue affects user files: from n/a through <= 2.4.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ezmarketing EZPlayer ezplayer allows Stored XSS.This issue affects EZPlayer: from n/a through <= 1.0.10. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M.J WP-Player wp-player allows Stored XSS.This issue affects WP-Player: from n/a through <= 2.6.1. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Webliup Popliup popliup allows PHP Local File Inclusion.This issue affects Popliup: from n/a through <= 1.1.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in meinturnierplan MeinTurnierplan.de Widget Viewer meinturnierplande-widget-viewer allows Stored XSS.This issue affects MeinTurnierplan.de Widget Viewer: from n/a through <= 1.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KHAN-IT Image Switcher image-switcher allows Stored XSS.This issue affects Image Switcher: from n/a through <= 1.1. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Alex Furr LinkedIn Lite linkedin-lite allows PHP Local File Inclusion.This issue affects LinkedIn Lite: from n/a through <= 1.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sam Brodie Giveaways and Contests by PromoSimple giveaways-contests-by-promosimple allows Stored XSS.This issue affects Giveaways and Contests by PromoSimple: from n/a through <= 1.24. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpfreeware WpF Ultimate Carousel wpf-ultimate-carousel allows Stored XSS.This issue affects WpF Ultimate Carousel: from n/a through <= 1.0.11. |
| Deserialization of Untrusted Data vulnerability in Marko-M Quick Count quick-count allows Object Injection.This issue affects Quick Count: from n/a through <= 3.00. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aleksandar Arsovski Google Org Chart google-org-chart allows Stored XSS.This issue affects Google Org Chart: from n/a through <= 1.0.1. |
