Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
custom pages plugin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-0334
The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom attribute of a link in several Elementor widgets in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on user supplied attribut...
NA
CVE-2024-0586
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Login/Register Element in all versions up to, and including, 5.9.4 due to insufficient input san...
Wpdeveloper Essential Addons For Elementor
NA
CVE-2024-1720
The User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Display Name' parameter in all versions up to, and including, 3.1.4 due to insufficient input...
NA
CVE-2023-6938
The Oxygen Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a custom field in all versions up to, and including, 4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...
Soflyy Oxygen
NA
CVE-2024-0689
The Custom Field Suite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a meta import in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on the meta values. This makes it possible for authenticated attackers...
NA
CVE-2024-1586
The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom schema in all versions up to, and including, 1.26 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...
NA
CVE-2024-1894
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'burst_total_pageviews_count' custom meta field in all versions up to, and including, 1.5.6.1 due to insufficient input saniti...
3.5
CVSSv2
CVE-2011-1401
ikiwiki prior to 3.20110328 does not ascertain whether the htmlscrubber plugin is enabled during processing of the "meta stylesheet" directive, which allows remote authenticated users to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS)...
Ikiwiki Ikiwiki 2.19
Ikiwiki Ikiwiki 2.18
Ikiwiki Ikiwiki 3.1415
Ikiwiki Ikiwiki 3.10
Ikiwiki Ikiwiki 3.11
Ikiwiki Ikiwiki 3.12
Ikiwiki Ikiwiki 2.60
Ikiwiki Ikiwiki 2.64
Ikiwiki Ikiwiki 2.65
Ikiwiki Ikiwiki 2.62.1
Ikiwiki Ikiwiki 3.02
Ikiwiki Ikiwiki 3.01
Ikiwiki Ikiwiki 3.09
Ikiwiki Ikiwiki 3.08
Ikiwiki Ikiwiki 2.31.3
Ikiwiki Ikiwiki 2.43
Ikiwiki Ikiwiki 2.42
Ikiwiki Ikiwiki 2.44
Ikiwiki Ikiwiki 2.48
Ikiwiki Ikiwiki 2.49
Ikiwiki Ikiwiki 2.54
Ikiwiki Ikiwiki 2.55
NA
CVE-2023-6842
The Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the name field label and description field label parameter in all versions up to 6.7 (inclusive) due t...
Strategy11 Formidable Form Builder
NA
CVE-2017_5715
First of all This repository is based on the findings of these 3 repositories: https://github.com/peter-nebe/optee_os/tree/master, https://github.com/jefg89/optee-rpi4/tree/main and most notably https://github.com/joaopeixoto13/OPTEE-RPI4. The idea of this repository is to work a...
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »