CVEs and Security Vulnerabilities

Total 277439 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-47141	1 Seerox	1 Wp Dynamic Keywords Injector	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP Dynamic Keywords Injector plugin <= 2.3.15 versions.
CVE-2022-47143	1 Themeisle	1 Multiple Page Generator	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Themeisle Multiple Page Generator Plugin – MPG plugin <= 3.3.9 versions.
CVE-2023-25709	1 Plainware	1 Locatoraid	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Plainware Locatoraid Store Locator plugin <= 3.9.11 versions.
CVE-2023-25708	1 Rextheme	1 Wp Vr	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin <= 8.2.7 versions.
CVE-2022-47427	1 My Calendar Project	1 My Calendar	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.3.24.1 versions.
CVE-2022-44580	1 Richplugins	1 Plugin For Google Reviews	2025-01-13	9.1 Critical
SQL Injection (SQLi) vulnerability in RichPlugins Plugin for Google Reviews plugin <= 2.2.3 versions.
CVE-2022-38456	1 Ajax Search Project	1 Ajax Search	2025-01-13	4.3 Medium
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ernest Marcinko Ajax Search Lite plugin <= 4.10.3 versions.
CVE-2022-37402	1 Afsanalytics	1 Afs Analytics	2025-01-13	4.8 Medium
Stored Cross-site Scripting (XSS) vulnerability in AFS Analytics plugin <= 4.18 versions.
CVE-2022-38063	1 Social Login Wp Project	1 Social Login Wp	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Social Login WP plugin <= 5.0.0.0 versions.
CVE-2022-38971	1 Themekraft	1 Post Form Registration Form Profile Form For User Profiles And Content Forms	2025-01-13	4.7 Medium
Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form – Registration Form – Profile Form for User Profiles and Content Forms for User Submissions plugin <= 2.7.5 versions.
CVE-2022-40699	1 Yasr - Yet Another Stars Rating Project	1 Yasr - Yet Another Stars Rating	2025-01-13	5.4 Medium
Cross-Site Scripting (XSS) vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugin <= 3.1.2 versions.
CVE-2022-41554	1 Slideshow Se Project	1 Slideshow Se	2025-01-13	4.8 Medium
Stored Cross-Site Scripting (XSS) vulnerability in John West Slideshow SE plugin <= 2.5.5 versions.
CVE-2022-43461	1 Slideshow Se Project	1 Slideshow Se	2025-01-13	4.8 Medium
Stored Cross-Site Scripting (XSS) vulnerability in John West Slideshow SE plugin <= 2.5.5 versions.
CVE-2022-45817	1 Gc Testimonials Project	1 Gc Testimonials	2025-01-13	5.4 Medium
Cross-Site Scripting (XSS) vulnerability in Erin Garscadden GC Testimonials plugin <= 1.3.2 versions.
CVE-2022-46854	1 Obox	1 Launchpad - Coming Soon \& Maintenance Mode Plugin	2025-01-13	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Obox Themes Launchpad – Coming Soon & Maintenance Mode plugin <= 1.0.13 versions.
CVE-2022-46867	1 Universal Star Rating Project	1 Universal Star Rating	2025-01-13	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Chasil Universal Star Rating plugin <= 2.1.0 version.
CVE-2023-25795	1 Wp-master	1 Feed Changer \& Remover	2025-01-13	5.9 Medium
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in WP-master.Ir Feed Changer & Remover plugin <= 0.2 versions.
CVE-2023-25794	1 Nooz Project	1 Nooz	2025-01-13	5.9 Medium
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Mighty Digital Nooz plugin <= 1.6.0 versions.
CVE-2024-9131			2025-01-13	7.2 High
A user with administrator privileges can perform command injection
CVE-2025-0390			2025-01-13	5.3 Medium
A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability affects unknown code of the file /wmOmNoticeHController.do. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 20250101 is able to address this issue. It is recommended to upgrade the affected component.

« first previous Page 84 of 13872. next last »