Missing Authorization vulnerability in Amento Tech Pvt ltd WPGuppy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPGuppy: from n/a through 1.1.0.

Missing Authorization vulnerability in theme funda Setup Default Featured Image allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Setup Default Featured Image...

Insertion of Sensitive Information Into Sent Data vulnerability in GREYS Korea for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects Korea for WooCommerce: from n/a through 1.1.1...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pete Dring Create with Code allows DOM-Based XSS. This issue affects Create with Code: from n/a th...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Linnea Huxford, LinSoftware Blur Text allows Stored XSS. This issue affects Blur Text: from n/a th...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Christian Leuenberg, L.net Web Solutions Restrict Anonymous Access allows Stored XSS. This issue a...

Insertion of Sensitive Information Into Sent Data vulnerability in UkrSolution Barcode Generator for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects Barcode Generator for WooCo...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins All Embed – Elementor Addons allows Stored XSS. This issue affects All Embed – Elementor ...

Missing Authorization vulnerability in Speedcomp Linet ERP-Woocommerce Integration allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Linet ERP-Woocommerce Int...

Missing Authorization vulnerability in Patreon Patreon WordPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Patreon WordPress: from n/a through 1.9.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N.O.U.S. Open Useful and Simple Event post allows Stored XSS. This issue affects Event post: from ...

Missing Authorization vulnerability in AA Web Servant 12 Step Meeting List allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 12 Step Meeting List: from n/a th...

Missing Authorization vulnerability in Themefic Instantio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Instantio: from n/a through 3.3.7.

Missing Authorization vulnerability in Code for Recovery 12 Step Meeting List allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects 12 Step Meeting List: from n/a...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HelloAsso HelloAsso allows Stored XSS. This issue affects HelloAsso: from n/a through 1.1.11.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pagelayer Team PageLayer allows DOM-Based XSS. This issue affects PageLayer: from n/a through 1.9....

Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search allows Cross Site Request Forgery. This issue affects WP Fast Total Search: from n/a through 1.78.258.

Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster allows Retrieve Embedded Sensitive Data. This issue affects WP Mailster: from n/a through 1.8.16.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JobScore Job Manager allows Stored XSS. This issue affects Job Manager: from n/a through 2.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matthias Wagner - FALKEmedia Caching Compatible Cookie Opt-In and JavaScript allows Stored XSS. Th...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icegram Icegram allows Stored XSS. This issue affects Icegram: from n/a through 3.1.31.

NULL pointer dereference vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker provides specially crafted data to the specific process of the Windows system wh...

In JetBrains TeamCity before 2024.12.1 decryption of connection secrets without proper permissions was possible via Test Connection endpoint

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low...