Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ndkadvancedcustomizationfields vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2022-40841
A cross-site scripting (XSS) vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows malicious users to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter.
Ndk-design Ndkadvancedcustomizationfields
6.1
CVSSv3
CVE-2022-40840
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting (XSS) via createPdf.php.
Ndk-design Ndkadvancedcustomizationfields
9.1
CVSSv3
CVE-2022-40842
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery (SSRF) via rotateimg.php.
Ndk-design Ndkadvancedcustomizationfields
7.5
CVSSv3
CVE-2022-40839
A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated malicious users to exfiltrate database data.
Ndk-design Ndkadvancedcustomizationfields 3.5.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started