Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
addons vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2022-33970
Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress.
Oxilab Shortcode Addons
5.3
CVSSv3
CVE-2022-34487
Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3.0.2 at WordPress.
Oxilab Shortcode Addons
5.4
CVSSv3
CVE-2022-4784
The Hueman Addons WordPress plugin up to and including 2.3.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-...
Presscustomizr Hueman Addons
6.5
CVSSv3
CVE-2023-37868
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a up to and including 2.9.0.
Leap13 Premium Addons
NA
CVE-2007-5488
Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons prior to 1.2.8, and 1.4.x prior to 1.4.4, allow remote malicious users to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.
Asterisk Asterisk-addons
1 EDB exploit
6.1
CVSSv3
CVE-2024-24846
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MightyThemes Mighty Addons for Elementor allows Reflected XSS.This issue affects Mighty Addons for Elementor: from n/a up to and including 1.9.3.
Mightythemes Mighty Addons
8.8
CVSSv3
CVE-2023-32794
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions.
Woocommerce Product Addons
7.2
CVSSv3
CVE-2023-32795
Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a up to and including 6.1.3.
Woocommerce Product Addons
9.8
CVSSv3
CVE-2023-48925
SQL injection vulnerability in Buy Addons bavideotab before version 1.0.6, allows malicious users to escalate privileges and obtain sensitive information via the component BaVideoTabSaveVideoModuleFrontController::run().
Buy-addons Bavideotab
5.4
CVSSv3
CVE-2024-0448
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget URL parameters in all versions up to, and including, 8.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authen...
Livemesh Elementor Addons
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »