Cross-Site Request Forgery (CSRF) vulnerability in webandprint AR For WordPress allows Upload a Web Shell to a Web Server. This issue affects AR For WordPress: from n/a through 7.98. More information : https://patchstack.com/database/wordpress/plugin/ar-for-wordpress/vulnerability/wordpress-ar-for-wordpress-plugin-7-98-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in emarket-design WP Ticket Customer Service Software & Support Ticket System allows Stored XSS. This issue affects WP Ticket Customer Service Software &...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in webmaniabr Nota Fiscal Eletrônica WooCommerce allows Stored XSS. This issue affects Nota Fiscal Eletrônica WooCommerce: from n/a through 3.4.0.6. More information :...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in HT Plugins HT Feed allows Stored XSS. This issue affects HT Feed: from n/a through 1.3.0. More information : https://patchstack.com/database/wordpress/plugin/ht-instagram/vulnerability/wordpress-ht-feed-plugin-1-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve
Missing Authorization vulnerability in wpshuffle Subscribe to Download allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Subscribe to Download: from n/a through 2.0.9. More information : https://patchstack.com/database/wordpress/plugin/subscribe-to-download/vulnerability/wordpress-subscribe-to-download-plugin-2-0-9-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Michael Ott Notely allows Stored XSS. This issue affects Notely: from n/a through 1.8.0. More information : https://patchstack.com/database/wordpress/plugin/notely/vulnerability/wordpress-notely-plugin-1-8-0-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in wpshuffle Subscribe to Download allows PHP Local File Inclusion. This issue affects Subscribe to Download: from n/a through...
Missing Authorization vulnerability in wpshuffle Subscribe To Unlock allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Subscribe To Unlock: from n/a through 1.1.5. More information : https://patchstack.com/database/wordpress/plugin/subscribe-to-unlock/vulnerability/wordpress-subscribe-to-unlock-plugin-1-1-5-broken-access-control-vulnerability?_s_id=cve
Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in wpshuffle Subscribe To Unlock allows PHP Local File Inclusion. This issue affects Subscribe To Unlock: from n/a through...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in yonifre Lenix scss compiler allows Stored XSS. This issue affects Lenix scss compiler: from n/a through 1.2. More information : https://patchstack.com/database/wordpress/plugin/lenix-scss-compiler/vulnerability/wordpress-lenix-scss-compiler-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in yonifre Lenix scss compiler allows Cross Site Request Forgery. This issue affects Lenix scss compiler: from n/a through 1.2. More information : https://patchstack.com/database/wordpress/plugin/lenix-scss-compiler/vulnerability/wordpress-lenix-scss-compiler-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Amit Verma Map Categories to Pages allows Stored XSS. This issue affects Map Categories to Pages: from n/a through 1.3.2. More information...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in DaganLev Simple Meta Tags allows DOM-Based XSS. This issue affects Simple Meta Tags: from n/a through 1.5. More information : https://patchstack.com/database/wordpress/plugin/simple-meta-tags/vulnerability/wordpress-simple-meta-tags-plugin-1-5-cross-site-scripting-xss-vulnerability?_s_id=cve
Missing Authorization vulnerability in netgsm Netgsm allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Netgsm: from n/a through 2.9.58. More information : https://patchstack.com/database/wordpress/plugin/netgsm/vulnerability/wordpress-netgsm-plugin-2-9-58-broken-access-control-vulnerability?_s_id=cve