| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Reflected XSS.This issue affects Backup and Staging by WP Time Capsule: from n/a through <= 1.22.23. |
| Missing Authorization vulnerability in Fahad Mahmood Stock Locations for WooCommerce stock-locations-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stock Locations for WooCommerce: from n/a through <= 2.8.6. |
| Cross-Site Request Forgery (CSRF) vulnerability in WebAppick Challan webappick-pdf-invoice-for-woocommerce allows Privilege Escalation.This issue affects Challan: from n/a through <= 3.7.58. |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in mediaticus Subaccounts for WooCommerce subaccounts-for-woocommerce allows Authentication Abuse.This issue affects Subaccounts for WooCommerce: from n/a through <= 1.6.6. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TrackShip TrackShip for WooCommerce trackship-for-woocommerce allows SQL Injection.This issue affects TrackShip for WooCommerce: from n/a through <= 1.9.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in B2itech B2i Investor Tools b2i-investor-tools allows Reflected XSS.This issue affects B2i Investor Tools: from n/a through <= 1.0.7.9. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Xylus Themes WP Smart Import wp-smart-import allows PHP Local File Inclusion.This issue affects WP Smart Import: from n/a through <= 1.1.3. |
| Relative Path Traversal vulnerability in Arraytics Eventin wp-event-solution allows Path Traversal.This issue affects Eventin: from n/a through <= 4.0.26. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Greg Winiarski WPAdverts wpadverts allows PHP Local File Inclusion.This issue affects WPAdverts: from n/a through <= 2.2.2. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Chill Download Monitor download-monitor allows PHP Local File Inclusion.This issue affects Download Monitor: from n/a through <= 5.0.22. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ctltwp Section Widget section-widget allows Reflected XSS.This issue affects Section Widget: from n/a through <= 3.3.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Attachment hacklog-remote-attachment allows Stored XSS.This issue affects Hacklog Remote Attachment: from n/a through <= 1.3.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Steve Availability Calendar availability allows Stored XSS.This issue affects Availability Calendar: from n/a through <= 0.2.4. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in janekniefeldt My Custom Widgets mycustomwidget allows Reflected XSS.This issue affects My Custom Widgets: from n/a through <= 2.0.5. |
| Cross-Site Request Forgery (CSRF) vulnerability in stesvis WP Filter Post Category wp-filter-post-categories allows Stored XSS.This issue affects WP Filter Post Category: from n/a through <= 2.1.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in Billy Bryant Tabs gt-tabs allows Stored XSS.This issue affects Tabs: from n/a through <= 4.0.3. |
| Cross-Site Request Forgery (CSRF) vulnerability in alphasis Related Posts via Taxonomies related-posts-via-taxonomies allows Stored XSS.This issue affects Related Posts via Taxonomies: from n/a through <= 1.0.1. |
| Cross-Site Request Forgery (CSRF) vulnerability in silencecm Twitter Card Generator twitter-card-generator allows Stored XSS.This issue affects Twitter Card Generator: from n/a through <= 1.0.5. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in M A Vinoth Kumar Category Widget category-widget allows Reflected XSS.This issue affects Category Widget: from n/a through <= 2.0.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in milat Milat jQuery Automatic Popup milat-jquery-automatic-popup allows Stored XSS.This issue affects Milat jQuery Automatic Popup: from n/a through <= 1.3.1. |
