| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Deserialization of Untrusted Data vulnerability in teastudio.pl WP Posts Carousel wp-posts-carousel allows Object Injection.This issue affects WP Posts Carousel: from n/a through <= 1.3.12. |
| Deserialization of Untrusted Data vulnerability in Chimpstudio Foodbakery Sticky Cart foodbakery-sticky-cart allows Object Injection.This issue affects Foodbakery Sticky Cart: from n/a through <= 3.2. |
| Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Conference grandconference allows Object Injection.This issue affects Grand Conference: from n/a through <= 5.3. |
| Server-Side Request Forgery (SSRF) vulnerability in blubrry PowerPress Podcasting powerpress allows Server Side Request Forgery.This issue affects PowerPress Podcasting: from n/a through <= 11.12.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in blubrry PowerPress Podcasting powerpress allows DOM-Based XSS.This issue affects PowerPress Podcasting: from n/a through <= 11.12.5. |
| Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through <= 2.8.2. |
| Missing Authorization vulnerability in Nebojsa Target Video Easy Publish brid-video-easy-publish.This issue affects Target Video Easy Publish: from n/a through <= 3.8.9. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aristo Rinjuang WP Inquiries wp-inquiries allows SQL Injection.This issue affects WP Inquiries: from n/a through <= 0.2.1. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Guru Error Log Viewer error-log-viewer-wp allows Blind SQL Injection.This issue affects Error Log Viewer: from n/a through <= 1.0.5. |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in John Weissberg Print Science Designer print-science-designer allows Path Traversal.This issue affects Print Science Designer: from n/a through <= 1.3.155. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark Parnell Spark GF Failed Submissions spark-gf-failed-submissions allows Reflected XSS.This issue affects Spark GF Failed Submissions: from n/a through <= 1.3.5. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows PHP Local File Inclusion.This issue affects Real Estate Manager: from n/a through <= 7.3. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebbyTemplate Office Locator office-locator allows SQL Injection.This issue affects Office Locator: from n/a through <= 1.3.0. |
| Unrestricted Upload of File with Dangerous Type vulnerability in JoomSky JS Job Manager js-jobs allows Upload a Web Shell to a Web Server.This issue affects JS Job Manager: from n/a through <= 2.0.2. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme Testimonial Slider And Showcase Pro testimonial-slider-showcase-pro allows PHP Local File Inclusion.This issue affects Testimonial Slider And Showcase Pro: from n/a through <= 2.3.15. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Stylemix Motors motors-car-dealership-classified-listings allows PHP Local File Inclusion.This issue affects Motors: from n/a through <= 1.4.71. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lee Blue Cart66 Cloud cart66-cloud allows Reflected XSS.This issue affects Cart66 Cloud: from n/a through <= 2.3.7. |
| Incorrect Privilege Assignment vulnerability in Projectopia Projectopia projectopia-core allows Privilege Escalation.This issue affects Projectopia: from n/a through <= 5.1.24. |
| Cross-Site Request Forgery (CSRF) vulnerability in Hiren Patel Custom Posts Order custom-posts-order allows Stored XSS.This issue affects Custom Posts Order: from n/a through <= 4.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in appsbd Vite Coupon vite-coupon allows Remote Code Inclusion.This issue affects Vite Coupon: from n/a through <= 1.0.9. |
