Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
supsystic vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-0424
The Popup by Supsystic WordPress plugin prior to 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated malicious users to call it and get the email addresses of subscribed users
Supsystic Popup
4.3
CVSSv2
CVE-2021-36891
Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery by Supsystic plugin <= 1.15.5 at WordPress allows changing the plugin settings.
Supsystic Photo Gallery
6.8
CVSSv2
CVE-2016-10918
The gallery-by-supsystic plugin prior to 1.8.6 for WordPress has CSRF.
Supsystic Photo Gallery
NA
CVE-2023-2528
The Contact Form by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.24. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated malicious users to ...
Supsystic Contact Form
4.3
CVSSv2
CVE-2021-46782
The Pricing Table by Supsystic WordPress plugin prior to 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
Supsystic Price Table
NA
CVE-2023-6732
The Ultimate Maps by Supsystic WordPress plugin prior to 1.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Supsystic Ultimate Maps
4.3
CVSSv2
CVE-2021-24276
The Contact Form by Supsystic WordPress plugin prior to 1.7.15 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
Supsystic Contact Form
NA
CVE-2023-45068
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact Form by Supsystic plugin <= 1.7.27 versions.
Supsystic Contact Form
4.3
CVSSv2
CVE-2017-20065
A vulnerability was found in Supsystic Popup Plugin 1.7.6 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be...
Supsystic Popup 1.7.6
4.3
CVSSv2
CVE-2021-24274
The Ultimate Maps by Supsystic WordPress plugin prior to 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
Supsystic Ultimate Maps
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »