Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
addons vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5488
Multiple SQL injection vulnerabilities in cdr_addon_mysql in Asterisk-Addons prior to 1.2.8, and 1.4.x prior to 1.4.4, allow remote malicious users to execute arbitrary SQL commands via the (1) source and (2) destination numbers, and probably (3) SIP URI, when inserting a record.
Asterisk Asterisk-addons
1 EDB exploit
8.8
CVSSv3
CVE-2023-32794
Cross-Site Request Forgery (CSRF) vulnerability in WooCommerce Product Add-Ons plugin <= 6.1.3 versions.
Woocommerce Product Addons
7.2
CVSSv3
CVE-2023-32795
Deserialization of Untrusted Data vulnerability in WooCommerce Product Add-Ons.This issue affects Product Add-Ons: from n/a up to and including 6.1.3.
Woocommerce Product Addons
7.2
CVSSv3
CVE-2022-33970
Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress.
Oxilab Shortcode Addons
6.1
CVSSv3
CVE-2024-24846
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MightyThemes Mighty Addons for Elementor allows Reflected XSS.This issue affects Mighty Addons for Elementor: from n/a up to and including 1.9.3.
Mightythemes Mighty Addons
5.4
CVSSv3
CVE-2020-26239
Scratch Addons is a WebExtension that supports both Chrome and Firefox. Scratch Addons before version 1.3.2 is vulnerable to DOM-based XSS. If the victim visited a specific website, the More Links addon of the Scratch Addons extension used incorrect regular expression which cause...
Scratchaddons Scratch Addons
5.4
CVSSv3
CVE-2024-0448
The Elementor Addons by Livemesh plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widget URL parameters in all versions up to, and including, 8.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authen...
Livemesh Elementor Addons
6.5
CVSSv3
CVE-2023-37868
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Leap13 Premium Addons PRO.This issue affects Premium Addons PRO: from n/a up to and including 2.9.0.
Leap13 Premium Addons
9.8
CVSSv3
CVE-2023-48925
SQL injection vulnerability in Buy Addons bavideotab before version 1.0.6, allows malicious users to escalate privileges and obtain sensitive information via the component BaVideoTabSaveVideoModuleFrontController::run().
Buy-addons Bavideotab
5.4
CVSSv3
CVE-2022-4784
The Hueman Addons WordPress plugin up to and including 2.3.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-...
Presscustomizr Hueman Addons
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »