Medium
CVSS: 6.9
Yayın: 2025-01-02 13:15:06
A vulnerability was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. It has been declared as critical. This vulnerability affects unknown code of the file /goform/form2NetSniper.cgi. The manipulation leads to improper access controls. The attack ca…
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:28
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jorisderuiter ConvertCalculator for WordPress convertcalculator allows Stored XSS.This issue affects ConvertCalculator for WordPress: from n/a throu…
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:28
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in html5maps Interactive UK Map interactive-uk-map allows Stored XSS.This issue affects Interactive UK Map: from n/a through
High
CVSS: 8.8
Yayın: 2025-01-02 12:15:28
Missing Authorization vulnerability in sonaar MP3 Audio Player for Music, Radio & Podcast by Sonaar mp3-music-player-by-sonaar allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MP3 Audio Player for Music, Radio & Podc…
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:28
Unrestricted Upload of File with Dangerous Type vulnerability in Beee ACF City Selector acf-city-selector allows Upload a Web Shell to a Web Server.This issue affects ACF City Selector: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:28
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Shots for Dribbble gs-dribbble-portfolio allows DOM-Based XSS.This issue affects GS Shots for Dribbble: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:28
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins GS Coaches gs-coach allows Stored XSS.This issue affects GS Coaches: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GS Plugins Project Showcase gs-projects allows Stored XSS.This issue affects Project Showcase: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StorePlugin ShopElement shopelement allows Stored XSS.This issue affects ShopElement: from n/a through
Medium
CVSS: 5.4
Yayın: 2025-01-02 12:15:27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paolo GeoDirectory geodirectory allows Stored XSS.This issue affects GeoDirectory: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlockArt Magazine Blocks magazine-blocks allows Stored XSS.This issue affects Magazine Blocks: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:27
Missing Authorization vulnerability in Stiofan AyeCode Connect ayecode-connect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AyeCode Connect: from n/a through
Medium
CVSS: 5.4
Yayın: 2025-01-02 12:15:27
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in moveaddons Move Addons for Elementor move-addons allows Stored XSS.This issue affects Move Addons for Elementor: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:27
Missing Authorization vulnerability in supsystic Data Tables Generator by Supsystic data-tables-generator-by-supsystic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Data Tables Generator by Supsystic: from…
Medium
CVSS: 5.4
Yayın: 2025-01-02 12:15:26
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themelooks Enter Addons enteraddons allows Stored XSS.This issue affects Enter Addons: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:26
Cross-Site Request Forgery (CSRF) vulnerability in Event Espresso Event Espresso 4 Decaf event-espresso-decaf allows Cross Site Request Forgery.This issue affects Event Espresso 4 Decaf: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:26
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Greg Ross Just Writing Statistics just-writing-statistics allows SQL Injection.This issue affects Just Writing Statistics: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:26
Unrestricted Upload of File with Dangerous Type vulnerability in Ludwig You WPMasterToolKit wpmastertoolkit allows Upload a Web Shell to a Web Server.This issue affects WPMasterToolKit: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 12:15:26
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ludwig You WPMasterToolKit wpmastertoolkit allows Path Traversal.This issue affects WPMasterToolKit: from n/a through
High
CVSS: 7.2
Yayın: 2025-01-02 12:15:26
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AF themes WP Post Author wp-post-author allows SQL Injection.This issue affects WP Post Author: from n/a through