| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Youtube Vimeo Video Player and Slider video_player_youtube_vimeo allows Reflected XSS.This issue affects Youtube Vimeo Video Player and Slider: from n/a through <= 3.8. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player - Addon for WPBakery Page Builder lbg_universal_video_player_addon_visual_composer allows Reflected XSS.This issue affects Universal Video Player - Addon for WPBakery Page Builder: from n/a through <= 3.2.1. |
| Path Traversal: '.../...//' vulnerability in miniOrange Prevent files / folders access prevent-file-access allows Path Traversal.This issue affects Prevent files / folders access: from n/a through <= 2.6.0. |
| Deserialization of Untrusted Data vulnerability in rascals Noisa noisa allows Object Injection.This issue affects Noisa: from n/a through <= 2.6.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup Universal Video Player - Addon for WPBakery Page Builder lbg-universal-video-player-addon-visual-composer allows Reflected XSS.This issue affects Universal Video Player - Addon for WPBakery Page Builder: from n/a through <= 3.2.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mortgage Calculator BMI Adult & Kid Calculator bmi-adultkid-calculator allows Stored XSS.This issue affects BMI Adult & Kid Calculator: from n/a through <= 1.2.2. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in gopiplus@hotmail.com Wp tabber widget wp-tabber-widget allows SQL Injection.This issue affects Wp tabber widget: from n/a through <= 4.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Login-Logout login-logout allows Stored XSS.This issue affects Login-Logout: from n/a through <= 3.8. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeSolz Better Find and Replace real-time-auto-find-and-replace allows Stored XSS.This issue affects Better Find and Replace: from n/a through <= 1.7.6. |
| Deserialization of Untrusted Data vulnerability in raoinfotech GSheets Connector sheetlink allows Object Injection.This issue affects GSheets Connector: from n/a through <= 1.1.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Online Optimisation WP Mailto Links wp-mailto-links allows Stored XSS.This issue affects WP Mailto Links: from n/a through <= 3.1.4. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HT Plugins HT Mega – Absolute Addons for WPBakery Page Builder ht-mega-for-wpbakery allows DOM-Based XSS.This issue affects HT Mega – Absolute Addons for WPBakery Page Builder: from n/a through <= 1.0.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SAPO SAPO Feed sapo-feed allows Stored XSS.This issue affects SAPO Feed: from n/a through <= 2.4.2. |
| Server-Side Request Forgery (SSRF) vulnerability in Binsaifullah Beaf image-compare-block allows Server Side Request Forgery.This issue affects Beaf: from n/a through <= 1.6.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi AffiliateWP – External Referral Links affiliatewp-external-referral-links allows Stored XSS.This issue affects AffiliateWP – External Referral Links: from n/a through <= 1.2.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in davaxi Goracash goracash allows Stored XSS.This issue affects Goracash: from n/a through <= 1.1. |
| Server-Side Request Forgery (SSRF) vulnerability in activewebsight SEO Backlink Monitor seo-backlink-monitor allows Server Side Request Forgery.This issue affects SEO Backlink Monitor: from n/a through <= 1.8.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in activewebsight SEO Backlink Monitor seo-backlink-monitor allows Cross Site Request Forgery.This issue affects SEO Backlink Monitor: from n/a through <= 1.8.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CashBill CashBill.pl – Płatności WooCommerce cashbill-payment-method allows Stored XSS.This issue affects CashBill.pl – Płatności WooCommerce: from n/a through <= 3.2.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Stored XSS.This issue affects Ultimate WP Mail: from n/a through <= 1.3.8. |
