Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stefan broeder vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-7543
Cross-site scripting (XSS) vulnerability in installer/build/view.step4.php of the SnapCreek Duplicator plugin 1.2.32 for WordPress allows remote malicious users to inject arbitrary JavaScript or HTML via the json parameter.
Snapcreek Duplicator 1.2.32
1 EDB exploit
5.4
CVSSv3
CVE-2018-9034
Cross-site scripting (XSS) vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for WordPress allows remote malicious users to inject arbitrary JavaScript or HTML via the tab GET parameter.
Relevanssi Relevanssi
1 EDB exploit
6.1
CVSSv3
CVE-2018-8729
Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin prior to 2.4.1 for WordPress allow remote malicious users to inject arbitrary JavaScript or HTML via a title that is not escaped.
Pojo Activity Log
1 EDB exploit
9.6
CVSSv3
CVE-2018-9035
CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote malicious users to inject spreadsheet formulas into CSV files via the contact form.
Contact-form-7-to-database-extension Project Contact-form-7-to-database-extension
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started