CVE Database

Cross-Site Request Forgery (CSRF) vulnerability in takien Rewrite rewrite allows Cross Site Request Forgery.This issue affects Rewrite: from n/a through <= 0.2.1.

Cross-Site Request Forgery (CSRF) vulnerability in Jacob Schwartz WP e-Commerce Style Email wp-e-commerce-style-email allows Code Injection.This issue affects WP e-Commerce Style Email: from n/a through <= 0.6.2.

Cross-Site Request Forgery (CSRF) vulnerability in mandegarweb Replace Default Words replace-default-words allows Stored XSS.This issue affects Replace Default Words: from n/a through <= 1.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.2.7.

Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts allows Retrieve Embedded Sensitive Data.This issue affects AppExperts: from n/a through <= 1.4.3.

Cross-Site Request Forgery (CSRF) vulnerability in Anthony WordPress SQL Backup wordpress-sql-backup allows Stored XSS.This issue affects WordPress SQL Backup: from n/a through <= 3.5.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Logan Carlile Easy Page Transition easy-page-transition allows Stored XSS.This issue affects Easy Page Transition: from n/a through <= 1.0.1.

Missing Authorization vulnerability in ldwin79 sourceplay-navermap sourceplay-navermap allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects sourceplay-navermap: from n/a through <= 0.0.2.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jiangqie JiangQie Official Website Mini Program jiangqie-official-website-mini-program allows Blind SQL Injection.This issue affects JiangQie Official Website Mini Program: from n/a through <= 1.8.2.

Cross-Site Request Forgery (CSRF) vulnerability in DEJAN CopyLink copy-link allows Stored XSS.This issue affects CopyLink: from n/a through <= 1.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alphasis Related Posts via Categories related-posts-via-categories allows Stored XSS.This issue affects Related Posts via Categories: from n/a through <= 2.1.2.

Cross-Site Request Forgery (CSRF) vulnerability in flipdish Flipdish Ordering System flipdish-ordering-system allows Cross Site Request Forgery.This issue affects Flipdish Ordering System: from n/a through <= 1.5.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thiagogsrwp WP Hotjar wp-hotjar allows Stored XSS.This issue affects WP Hotjar: from n/a through <= 0.0.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wp-maverick WP Parallax Content Slider wp-parallax-content-slider allows Stored XSS.This issue affects WP Parallax Content Slider: from n/a through <= 0.9.8.

Cross-Site Request Forgery (CSRF) vulnerability in Link OSS Upload oss-upload allows Cross Site Request Forgery.This issue affects OSS Upload: from n/a through <= 4.8.9.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iografica IG Shortcodes ig-shortcodes allows DOM-Based XSS.This issue affects IG Shortcodes: from n/a through <= 3.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tstafford include-file include-file allows Stored XSS.This issue affects include-file: from n/a through <= 1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in samsk Include URL include-url allows Stored XSS.This issue affects Include URL: from n/a through <= 0.3.5.

Missing Authorization vulnerability in WesternDeal Advanced Dewplayer advanced-dewplayer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Dewplayer: from n/a through <= 1.6.

Missing Authorization vulnerability in tuyennv Music Press Pro music-press-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Music Press Pro: from n/a through <= 1.4.6.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dourou Flickr set slideshows flickr-set-slideshows allows SQL Injection.This issue affects Flickr set slideshows: from n/a through <= 0.9.

Cross-Site Request Forgery (CSRF) vulnerability in ryan_xantoo Map Contact map-contact allows Stored XSS.This issue affects Map Contact: from n/a through <= 3.0.4.

Cross-Site Request Forgery (CSRF) vulnerability in shawfactor LH OGP Meta lh-ogp-meta-tags allows Stored XSS.This issue affects LH OGP Meta: from n/a through <= 1.73.

Cross-Site Request Forgery (CSRF) vulnerability in bbodine1 cTabs ctabs allows Stored XSS.This issue affects cTabs: from n/a through <= 1.3.

Cross-Site Request Forgery (CSRF) vulnerability in marynixie Generate Post Thumbnails generate-post-thumbnails allows Cross Site Request Forgery.This issue affects Generate Post Thumbnails: from n/a through <= 0.8.

Cross-Site Request Forgery (CSRF) vulnerability in alphaomegaplugins AlphaOmega Captcha &amp; Anti-Spam Filter alphaomega-captcha-anti-spam allows Stored XSS.This issue affects AlphaOmega Captcha &amp; Anti-Spam Filter: from n/a through <= 3.3.

Cross-Site Request Forgery (CSRF) vulnerability in ProRankTracker Pro Rank Tracker proranktracker allows Stored XSS.This issue affects Pro Rank Tracker: from n/a through <= 1.0.0.

Missing Authorization vulnerability in PluginOps Top Bar ultimate-bar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Top Bar: from n/a through <= 3.3.

Cross-Site Request Forgery (CSRF) vulnerability in hotvanrod AdSense Privacy Policy adsense-privacy-policy allows Stored XSS.This issue affects AdSense Privacy Policy: from n/a through <= 1.1.1.

Cross-Site Request Forgery (CSRF) vulnerability in mendibass Browser Address Bar Color browser-address-bar-color allows Stored XSS.This issue affects Browser Address Bar Color: from n/a through <= 3.3.

Cross-Site Request Forgery (CSRF) vulnerability in HuangYe WuDeng Hacklog Remote Image Autosave hacklog-remote-image-autosave allows Cross Site Request Forgery.This issue affects Hacklog Remote Image Autosave: from n/a through <= 2.1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arefly Login Redirect login-redirect allows Stored XSS.This issue affects Login Redirect: from n/a through <= 1.0.5.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jenst Mobile Navigation mobile-navigation allows Stored XSS.This issue affects Mobile Navigation: from n/a through <= 1.5.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mrdenny My Default Post Content my-default-post-content allows Stored XSS.This issue affects My Default Post Content: from n/a through <= 0.7.3.

Cross-Site Request Forgery (CSRF) vulnerability in Igor Yavych Simple Rating simple-rating allows Stored XSS.This issue affects Simple Rating: from n/a through <= 1.4.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in STEdb Corp. STEdb Forms stedb-forms allows SQL Injection.This issue affects STEdb Forms: from n/a through <= 1.0.4.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AliRezaMohammadi دکمه، شبکه اجتماعی خرید dokme allows SQL Injection.This issue affects دکمه، شبکه اجتماعی خرید: from n/a through <= 2.0.6.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jahertor WP Featured Entries wp-featured-entries allows SQL Injection.This issue affects WP Featured Entries: from n/a through <= 1.0.

Cross-Site Request Forgery (CSRF) vulnerability in hitoy Super Static Cache super-static-cache allows Cross Site Request Forgery.This issue affects Super Static Cache: from n/a through <= 3.3.5.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aryan Themes Clink clink allows DOM-Based XSS.This issue affects Clink: from n/a through <= 1.2.2.

Cross-Site Request Forgery (CSRF) vulnerability in karrikas banner-manager banner-manager allows Stored XSS.This issue affects banner-manager: from n/a through <= 16.04.19.

Cross-Site Request Forgery (CSRF) vulnerability in wpwox Custom Script Integration custom-script-integration allows Stored XSS.This issue affects Custom Script Integration: from n/a through <= 2.1.

Cross-Site Request Forgery (CSRF) vulnerability in Henrique Mouta CAS Maestro cas-maestro allows Stored XSS.This issue affects CAS Maestro: from n/a through <= 1.1.3.

Cross-Site Request Forgery (CSRF) vulnerability in Sana Ullah jQuery Dropdown Menu jquery-drop-down-menu-plugin allows Stored XSS.This issue affects jQuery Dropdown Menu: from n/a through <= 3.0.

Cross-Site Request Forgery (CSRF) vulnerability in EnzoCostantini55 ANAC XML Render anac-xml-render allows Stored XSS.This issue affects ANAC XML Render: from n/a through <= 1.5.7.

Cross-Site Request Forgery (CSRF) vulnerability in odihost Easy 301 Redirects odihost-easy-redirect-301 allows Cross Site Request Forgery.This issue affects Easy 301 Redirects: from n/a through <= 1.33.

Cross-Site Request Forgery (CSRF) vulnerability in flyaga Fix Rss Feeds fix-rss-feed allows Cross Site Request Forgery.This issue affects Fix Rss Feeds: from n/a through <= 3.1.

Cross-Site Request Forgery (CSRF) vulnerability in iiiryan WordPres 同步微博 wp2wb allows Stored XSS.This issue affects WordPres 同步微博: from n/a through <= 1.1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Z.com byGMO GMO Font Agent gmo-font-agent allows Stored XSS.This issue affects GMO Font Agent: from n/a through <= 1.6.

Cross-Site Request Forgery (CSRF) vulnerability in Donald Gilbert WordPress Admin Bar Improved wordpress-admin-bar-improved allows Stored XSS.This issue affects WordPress Admin Bar Improved: from n/a through <= 3.3.5.