Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in AA-Team Amazon Affiliates Addon for WPBakery Page Builder (formerly Visual Composer) allows SQL Injection.This issue affects Amazon Affiliates Addon for...
Path Traversal: ‘…/…//’ vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress allows Path Traversal.This issue affects Pro Bulk Watermark Plugin for WordPress: from n/a through 2.0. More information : https://vdp.patchstack.com/database/wordpress/theme/pro-watermark/vulnerability/wordpress-pro-bulk-watermark-plugin-for-wordpress-2-0-path-traversal-vulnerability?_s_id=cve
Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Codedraft Mediabay – WordPress Media Library Folders allows Blind SQL Injection.This issue affects Mediabay – WordPress Media Library Folders: from...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Proloy Chakroborty ZD Scribd iPaper allows Reflected XSS.This issue affects ZD Scribd iPaper: from n/a through 1.0. More information : https://vdp.patchstack.com/database/wordpress/plugin/zd-scribd-ipaper/vulnerability/wordpress-zd-scribd-ipaper-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in zckevin ZhinaTwitterWidget allows Reflected XSS.This issue affects ZhinaTwitterWidget: from n/a through 1.0. More information : https://vdp.patchstack.com/database/wordpress/plugin/zhina-twitter-widget/vulnerability/wordpress-zhinatwitterwidget-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Matamko En Masse allows Reflected XSS.This issue affects En Masse: from n/a through 1.0. More information : https://vdp.patchstack.com/database/wordpress/plugin/en-masse-wp/vulnerability/wordpress-en-masse-plugin-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Terry Zielke Zielke Design Project Gallery allows Reflected XSS.This issue affects Zielke Design Project Gallery: from n/a through 2.5.0. More information :...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Christopher Churchill allows Reflected XSS.This issue affects custom-post-edit: from n/a through 1.0.4. More information : https://vdp.patchstack.com/database/wordpress/plugin/front-end-post-edit/vulnerability/wordpress-custom-post-edit-plugin-1-0-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
Missing Authorization vulnerability in merkulove Headinger for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Headinger for Elementor: from n/a through 1.1.4. More information : https://vdp.patchstack.com/database/wordpress/plugin/headinger-elementor/vulnerability/wordpress-headinger-for-elementor-plugin-1-1-4-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in merkulove Criptopayer for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Criptopayer for Elementor: from n/a through 1.0.1. More information : https://vdp.patchstack.com/database/wordpress/plugin/criptopayer-elementor/vulnerability/wordpress-criptopayer-for-elementor-plugin-1-0-1-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in merkulove Countdowner for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Countdowner for Elementor: from n/a through 1.0.4. More information : https://vdp.patchstack.com/database/wordpress/plugin/countdowner-elementor/vulnerability/wordpress-countdowner-for-elementor-plugin-1-0-4-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in merkulove Appender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Appender: from n/a through 1.1.1. More information : https://vdp.patchstack.com/database/wordpress/plugin/appender/vulnerability/wordpress-appender-plugin-1-1-1-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in merkulove UnGrabber allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UnGrabber: from n/a through 3.1.3. More information : https://vdp.patchstack.com/database/wordpress/plugin/ungrabber/vulnerability/wordpress-ungrabber-plugin-3-1-3-broken-access-control-vulnerability?_s_id=cve
libcoap versions up to and including 4.3.5, prior to commit 30db3ea, contain a stack-based buffer overflow in address resolution when attacker-controlled hostname data is copied into a fixed 256-byte stack buffer without proper bounds...