Deserialization of Untrusted Data vulnerability in emarket-design Employee Spotlight allows Object Injection. This issue affects Employee Spotlight: from n/a through 5.1.1. More information : https://patchstack.com/database/wordpress/plugin/employee-spotlight/vulnerability/wordpress-employee-spotlight-plugin-5-1-1-php-object-injection-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in captcha.eu Captcha.eu allows Reflected XSS. This issue affects Captcha.eu: from n/a through n/a. More information : https://patchstack.com/database/wordpress/plugin/captcha-eu/vulnerability/wordpress-captcha-eu-plugin-1-0-61-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in gavias Kipso allows PHP Local File Inclusion. This issue affects Kipso: from n/a through 1.3.4. More information :...
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in ovatheme Ovatheme Events allows PHP Local File Inclusion. This issue affects Ovatheme Events: from n/a through 1.2.8. More...
Deserialization of Untrusted Data vulnerability in emarket-design WP Easy Contact allows Object Injection. This issue affects WP Easy Contact: from n/a through 4.0.1. More information : https://patchstack.com/database/wordpress/plugin/wp-easy-contact/vulnerability/wordpress-wp-easy-contact-plugin-4-0-1-php-object-injection-vulnerability?_s_id=cve
Missing Authorization vulnerability in Ashan Perera LifePress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects LifePress: from n/a through 2.1.3. More information : https://patchstack.com/database/wordpress/plugin/lifepress/vulnerability/wordpress-lifepress-plugin-2-1-3-broken-access-control-vulnerability?_s_id=cve
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in TieLabs Jannah allows PHP Local File Inclusion. This issue affects Jannah: from n/a through 7.4.1. More information :...
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Assaf Parag Poll, Survey & Quiz Maker Plugin by Opinion Stage allows PHP Local File Inclusion. This issue...
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in CodeYatri Gutenify allows PHP Local File Inclusion. This issue affects Gutenify: from n/a through 1.5.6. More information :...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Jason Theme Blvd Widget Areas allows Reflected XSS. This issue affects Theme Blvd Widget Areas: from n/a through 1.3.0. More information :...
Server-Side Request Forgery (SSRF) vulnerability in Chartbeat Chartbeat allows Server Side Request Forgery. This issue affects Chartbeat: from n/a through 2.0.7. More information : https://patchstack.com/database/wordpress/plugin/chartbeat/vulnerability/wordpress-chartbeat-plugin-2-0-7-server-side-request-forgery-ssrf-vulnerability?_s_id=cve
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Unfoldwp Magazine allows PHP Local File Inclusion. This issue affects Magazine: from n/a through 1.2.2. More information :...
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in WPInterface BlogMarks allows PHP Local File Inclusion. This issue affects BlogMarks: from n/a through 1.0.8. More information :...
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Unfoldwp Magazine Elite allows PHP Local File Inclusion. This issue affects Magazine Elite: from n/a through 1.2.4. More...