| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-Site Request Forgery (CSRF) vulnerability in giangmd93 GP Back To Top gp-back-to-top allows Cross Site Request Forgery.This issue affects GP Back To Top: from n/a through <= 3.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dezdy.com Dezdy dezdy-mcommerce allows Reflected XSS.This issue affects Dezdy: from n/a through <= 1.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in Damian Orzol Contact Form 7 Material Design cf7-material-design allows Stored XSS.This issue affects Contact Form 7 Material Design: from n/a through <= 1.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in blulogistics1 blu Logistics blu-logistics allows Reflected XSS.This issue affects blu Logistics: from n/a through <= 1.0.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in animexxx dForms dforms allows Reflected XSS.This issue affects dForms: from n/a through <= 1.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kvvaradha EmailPress emailpress allows Reflected XSS.This issue affects EmailPress: from n/a through <= 1.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Message ticker message-ticker allows Stored XSS.This issue affects Message ticker: from n/a through <= 9.3. |
| The isMobile plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ parameter in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MohammadJafar Khajeh Group category creator group-category-creator allows Reflected XSS.This issue affects Group category creator: from n/a through <= 1.3.0.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in muro External image replace external-image-replace allows Cross Site Request Forgery.This issue affects External image replace: from n/a through <= 1.0.8. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zeitwesentech Beautiful Link Preview beautiful-link-preview allows Stored XSS.This issue affects Beautiful Link Preview: from n/a through <= 1.5.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Omar Mohamed Mohamoud LIVE TV live-tv allows Reflected XSS.This issue affects LIVE TV: from n/a through <= 1.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristian Sarov Upload Quota per User upload-quota-per-user allows Stored XSS.This issue affects Upload Quota per User: from n/a through <= 1.3. |
| Missing Authorization vulnerability in mediabeta WP Journal wpjournal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Journal: from n/a through <= 1.1. |
| Missing Authorization vulnerability in gtekelis Interactive Page Hierarchy interactive-page-hierarchy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Interactive Page Hierarchy: from n/a through <= 1.0.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in avaibook AvaiBook avaibook allows Stored XSS.This issue affects AvaiBook: from n/a through <= 1.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Irshad A.Khan Cyber Slider cyber-new-slider allows Reflected XSS.This issue affects Cyber Slider: from n/a through <= 1.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in WPShop.ru CallPhone'r callphoner allows Stored XSS.This issue affects CallPhone'r: from n/a through <= 1.1.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in khanhtruong WP Database Audit database-audit allows Reflected XSS.This issue affects WP Database Audit: from n/a through <= 1.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in codehandling Youtube Video Grid youmax-channel-embeds-for-youtube-businesses allows Reflected XSS.This issue affects Youtube Video Grid: from n/a through <= 1.9. |
