Cross-Site Request Forgery (CSRF) vulnerability in FantasticPlugins SUMO Memberships for WooCommerce sumomemberships allows Cross Site Request Forgery.This issue affects SUMO Memberships for WooCommerce: from n/a through < 7.8.0. More information : https://vdp.patchstack.com/database/Wordpress/Plugin/sumomemberships/vulnerability/wordpress-sumo-memberships-for-woocommerce-plugin-7-8-0-cross-site-request-forgery-csrf-vulnerability
Missing Authorization vulnerability in VeronaLabs WP SMS wp-sms.This issue affects WP SMS: from n/a through
Incorrect Privilege Assignment vulnerability in bPlugins Voice Feedback voice-feedback allows Privilege Escalation.This issue affects Voice Feedback: from n/a through
Deserialization of Untrusted Data vulnerability in acowebs Product Table For WooCommerce product-table-for-woocommerce.This issue affects Product Table For WooCommerce: from n/a through
Cross-Site Request Forgery (CSRF) vulnerability in Dmitry V. (CEO of “UKR Solution”) UPC/EAN/GTIN Code Generator upc-ean-barcode-generator allows Cross Site Request Forgery.This issue affects UPC/EAN/GTIN Code Generator: from n/a through
Missing Authorization vulnerability in POSIMYTH UiChemy uichemy.This issue affects UiChemy: from n/a through
Deserialization of Untrusted Data vulnerability in designthemes Single Property single-property allows Object Injection.This issue affects Single Property: from n/a through
Deserialization of Untrusted Data vulnerability in universam UNIVERSAM universam-demo allows Object Injection.This issue affects UNIVERSAM: from n/a through
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in weissmike Simple Finance Calculator simple-finance-calculator allows Reflected XSS.This issue affects Simple Finance Calculator: from n/a through
D-Link DIR-823G A1 v1.0.2B05 was discovered to contain a buffer overflow in the FillMacCloneMac parameter in the /EXCU_SHELL endpoint. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input....
A NULL pointer dereference in the SetWLanRadioSettings function of D-Link DIR-823G A1 v1.0.2B05 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. More information : https://github.com/z472421519/BinaryAudit/blob/main/PoC/NPD/DIR823G/SetWLanRadioSetting.md
Deserialization of Untrusted Data vulnerability in designthemes Knowledge Base kbase allows Object Injection.This issue affects Knowledge Base: from n/a through
Deserialization of Untrusted Data vulnerability in quantumcloud KBx Pro Ultimate knowledgebase-helpdesk-pro allows Object Injection.This issue affects KBx Pro Ultimate: from n/a through
Incorrect Privilege Assignment vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation.This issue affects CouponXxL: from n/a through