Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
multiple vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-37873
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions.
Woocommerce Shipping Multiple Addresses
NA
CVE-2023-32799
Authorization Bypass Through User-Controlled Key vulnerability in WooCommerce Shipping Multiple Addresses.This issue affects Shipping Multiple Addresses: from n/a up to and including 3.8.3.
Woocommerce Shipping Multiple Addresses
435
VMScore
CVE-2008-1414
Cross-site scripting (XSS) vulnerability in Multiple Time Sheets (MTS) 5.0 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the tab parameter to (1) index.php, as demonstrated using mixed case and encoded whitespace characters in the ...
Riceball Multiple Time Sheets
1 EDB exploit
NA
CVE-2023-49157
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andreas Münch Multiple Post Passwords allows Stored XSS.This issue affects Multiple Post Passwords: from n/a up to and including 1.1.1.
Andreasmuench Multiple Post Passwords
NA
CVE-2023-36514
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Shipping Multiple Addresses plugin <= 3.8.5 versions.
Woocommerce Shipping Multiple Addresses
NA
CVE-2023-33927
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Multiple Page Generator Plugin – MPG multiple-pages-generator-by-porthas allows SQL Injection.This issue affects Multiple Page Generator Plugin – ...
Themeisle Multiple Page Generator
578
VMScore
CVE-2021-24602
The HM Multiple Roles WordPress plugin prior to 1.3 does not have any access control to prevent low privilege users to set themselves as admin via their profile page
Hmplugin Hm Multiple Roles
505
VMScore
CVE-2008-1415
Directory traversal vulnerability in index.php in Multiple Time Sheets (MTS) 5.0 and previous versions allows remote malicious users to read arbitrary files via "../..//" (modified dot dot) sequences in the tab parameter.
Riceball Multiple Time Sheets 5.0
1 EDB exploit
755
VMScore
CVE-2008-6362
SQL injection vulnerability in sitepage.php in Multiple Membership Script 2.5 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
Ezonelink Multiple Membership Script 2.5
1 EDB exploit
668
VMScore
CVE-2022-0783
The Multiple Shipping Address Woocommerce WordPress plugin prior to 2.0 does not properly sanitise and escape numerous parameters before using them in SQL statements via some AJAX actions available to unauthenticated users, leading to unauthenticated SQL injections
Themehigh Multiple Shipping Addresses For Woocommerce
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »