Missing Authorization vulnerability in Saul Morales Pacheco Donate visa allows Stored XSS. This issue affects Donate visa: from n/a through 1.0.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Kuepper QuoteMedia Tools allows DOM-Based XSS.This issue affects QuoteMedia Tools: from n/a...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in pflonk Sidebar-Content from Shortcode allows DOM-Based XSS.This issue affects Sidebar-Content from...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thomas Ehrhardt Powie's pLinks PagePeeker allows DOM-Based XSS.This issue affects Powie's pLinks P...

Missing Authorization vulnerability in NotFound Interactive Page Hierarchy allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Interactive Page Hierarchy: from ...

Missing Authorization vulnerability in NotFound WP Journal allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Journal: from n/a through 1.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digital Zoom Studio Demo User DZS allows Stored XSS. This issue affects Demo User DZS: from n/a th...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound DZS Ajaxer Lite allows Stored XSS. This issue affects DZS Ajaxer Lite: from n/a through 1...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound MLL Audio Player MP3 Ajax allows Stored XSS. This issue affects MLL Audio Player MP3 Ajax...

Missing Authorization vulnerability in Mark Winiarski WPLingo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPLingo: from n/a through 1.1.2.

Missing Authorization vulnerability in Blokhaus Minterpress allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Minterpress: from n/a through 1.0.5.

Missing Authorization vulnerability in Hemnath Mouli WC Wallet allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WC Wallet: from n/a through 2.2.0.

Missing Authorization vulnerability in tsecher ts-tree allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ts-tree: from n/a through 0.1.1.

Missing Authorization vulnerability in NotFound Database Sync allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Database Sync: from n/a through 0.5.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound RSVP ME allows Stored XSS. This issue affects RSVP ME: from n/a through 1.9.9.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nasir Scroll Top Advanced allows Stored XSS.This issue affects Scroll Top Advanced: from n/a throu...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Albertolabs.com Easy EU Cookie law allows Stored XSS.This issue affects Easy EU Cookie law: from n...

mySCADA myPRO Manager is vulnerable to cross-site request forgery (CSRF), which could allow an attacker to obtain sensitive information. An attacker would need to trick the victim in to visiting an at...

A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user wi...

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is serv...

NVIDIA Riva contains a vulnerability where a user could cause an improper access control issue. A successful exploit of this vulnerability might lead to data tampering or denial of service.

IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an authenticated user to cause a denial of service due to the improper handling of invalid headers sent to the queue.

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. The external storage feature allows any user to enumerate the name and content of files on the serv...

matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. When Hookshot 6 version 6.0.1 or below, or Hookshot 5 version 5.4.1 or below, is configured wit...