Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stefan broeder vulnerabilities and exploits
(subscribe to this query)
9.6
CVSSv3
CVE-2018-9035
CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote malicious users to inject spreadsheet formulas into CSV files via the contact form.
Contact-form-7-to-database-extension Project Contact-form-7-to-database-extension
1 EDB exploit
6.1
CVSSv3
CVE-2018-7543
Cross-site scripting (XSS) vulnerability in installer/build/view.step4.php of the SnapCreek Duplicator plugin 1.2.32 for WordPress allows remote malicious users to inject arbitrary JavaScript or HTML via the json parameter.
Snapcreek Duplicator 1.2.32
1 EDB exploit
6.1
CVSSv3
CVE-2018-8729
Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin prior to 2.4.1 for WordPress allow remote malicious users to inject arbitrary JavaScript or HTML via a title that is not escaped.
Pojo Activity Log
1 EDB exploit
5.4
CVSSv3
CVE-2018-9034
Cross-site scripting (XSS) vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for WordPress allows remote malicious users to inject arbitrary JavaScript or HTML via the tab GET parameter.
Relevanssi Relevanssi
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started