Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ceylan bozogullarindan vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-24926
The Domain Check WordPress plugin prior to 1.0.17 does not sanitise and escape the domain parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting issue
Domaincheckplugin Domain Check
4.9
CVSSv3
CVE-2021-24966
The Error Log Viewer WordPress plugin up to and including 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outside of the blog folder
Bestwebsoft Error Log Viewer
4.9
CVSSv3
CVE-2022-0246
The settings of the iQ Block Country WordPress plugin prior to 1.2.13 can be exported or imported using its backup functionality. An authorized user can import preconfigured settings of the plugin by uploading a zip file. After the uploading process, files in the uploaded zip fil...
Webence Iq Block Country
4.3
CVSSv3
CVE-2022-0377
Users of the LearnPress WordPress plugin prior to 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for r...
Thimpress Learnpress
4.8
CVSSv3
CVE-2021-24904
The Mortgage Calculators WP WordPress plugin prior to 1.56 does not implement any sanitisation on the color setting of the background of a calculator, which could allow high privilege users to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is...
Lenderd Mortgage Calculators Wp
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started