Ays-pro CVEs and Security Vulnerabilities

Export limit exceeded: 16342 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (125 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-24457	1 Ays-pro	1 Portfolio Responsive Gallery	2024-11-21	8.8 High
The get_portfolios() and get_portfolio_attributes() functions in the class-portfolio-responsive-gallery-list-table.php and class-portfolio-responsive-gallery-attributes-list-table.php files of the Portfolio Responsive Gallery WordPress plugin before 1.1.8 did not use whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard
CVE-2021-24456	1 Ays-pro	1 Quiz Maker	2024-11-21	7.2 High
The Quiz Maker WordPress plugin before 6.2.0.9 did not properly sanitise and escape the order and orderby parameters before using them in SQL statements, leading to SQL injection issues in the admin dashboard
CVE-2016-10921	1 Ays-pro	1 Photo Gallery	2024-11-21	N/A
The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection.
CVE-2024-6888	2 Ays-pro, Copy Content Protection Team	2 Secure Copy Content Protection And Content Locking, Secure Copy Content Protection And Content Locking	2024-10-07	4.8 Medium
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVE-2024-6889	2 Ays-pro, Copy Content Protection Team	2 Secure Copy Content Protection And Content Locking, Secure Copy Content Protection And Content Locking	2024-10-07	4.8 Medium
The Secure Copy Content Protection and Content Locking WordPress plugin before 4.1.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

« first previous Page 7 of 7.