| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adrian Tobey Groundhogg groundhogg allows Reflected XSS.This issue affects Groundhogg: from n/a through <= 3.7.3.3. |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in webcodingplace Classic Addons – WPBakery Page Builder classic-addons-wpbakery-page-builder-addons allows PHP Local File Inclusion.This issue affects Classic Addons – WPBakery Page Builder: from n/a through <= 3.0. |
| Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through <= 3.9.50. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elicus WPMozo Addons Lite for Elementor wpmozo-addons-lite-for-elementor allows PHP Local File Inclusion.This issue affects WPMozo Addons Lite for Elementor: from n/a through <= 1.1.0. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in codemstory 워드프레스 결제 심플페이 pgall-for-woocommerce allows PHP Local File Inclusion.This issue affects 워드프레스 결제 심플페이: from n/a through <= 5.2.0. |
| Incorrect Privilege Assignment vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Privilege Escalation.This issue affects WPGuppy: from n/a through <= 1.1.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in html5maps Interactive UK Map interactive-uk-map allows Stored XSS.This issue affects Interactive UK Map: from n/a through <= 3.4.8. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpweb WooCommerce PDF Vouchers woocommerce-pdf-vouchers allows Reflected XSS.This issue affects WooCommerce PDF Vouchers: from n/a through < 4.9.9. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Greg Ross Just Writing Statistics just-writing-statistics allows SQL Injection.This issue affects Just Writing Statistics: from n/a through <= 4.7. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AF themes WP Post Author wp-post-author allows SQL Injection.This issue affects WP Post Author: from n/a through <= 3.8.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kinhelios KinTPV WooConnect kintpv-connect allows Stored XSS.This issue affects KinTPV WooConnect: from n/a through <= 8.129. |
| Cross-Site Request Forgery (CSRF) vulnerability in Alex Volkov WP Nice Loader wp-nice-loader allows Stored XSS.This issue affects WP Nice Loader: from n/a through <= 0.1.0.4. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Maidul Dynamic Product Category Grid, Slider for WooCommerce dynamic-product-categories-design allows PHP Local File Inclusion.This issue affects Dynamic Product Category Grid, Slider for WooCommerce: from n/a through <= 1.1.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Wishlist for WooCommerce wish-list-for-woocommerce.This issue affects Wishlist for WooCommerce: from n/a through <= 3.1.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows Reflected XSS.This issue affects Royal Elementor Addons: from n/a through <= 1.7.1001. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood Gulri Slider gulri-slider allows Reflected XSS.This issue affects Gulri Slider: from n/a through <= 3.5.8. |
| Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro userpro allows Path Traversal.This issue affects Userpro: from n/a through <= 5.1.9. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through <= 5.1.9. |
| Missing Authorization vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through <= 5.1.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DeluxeThemes Userpro userpro allows Reflected XSS.This issue affects Userpro: from n/a through <= 5.1.9. |
