Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Missing Authorization vulnerability in raratheme Kalon kalon allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalon: from n/a through <= 1.2.9.
Missing Authorization vulnerability in raratheme Travel Diaries travel-diaries allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Diaries: from n/a thro…
Missing Authorization vulnerability in raratheme The Minimal the-minimal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Minimal: from n/a through <= 1.…
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order N…
Insertion of Sensitive Information Into Sent Data vulnerability in magepeopleteam WpEvently mage-eventpress allows Retrieve Embedded Sensitive Data.This issue affects WpEvently: from n/a through < 5.…
Missing Authorization vulnerability in raratheme Restaurant and Cafe restaurant-and-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restaurant and Cafe…
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdevelop Booking Calendar booking allows Blind SQL Injection.This issue affects Booking Calendar…
Missing Authorization vulnerability in Josh Kohlbach Advanced Coupons for WooCommerce Coupons advanced-coupons-for-woocommerce-free allows Exploiting Incorrectly Configured Access Control Security Le…
Missing Authorization vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe…
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in delphiknight Geo to Lat geo-to-lat allows Blind SQL Injection.This issue affects Geo to Lat: from…
Missing Authorization vulnerability in raratheme Preschool and Kindergarten preschool-and-kindergarten allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Presc…
Missing Authorization vulnerability in raratheme The Conference the-conference allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Conference: from n/a thro…
Improper Control of Generation of Code ('Code Injection') vulnerability in Yannick Lefebvre Modal Dialog modal-dialog allows Remote Code Inclusion.This issue affects Modal Dialog: from n/a through <=…
Missing Authorization vulnerability in raratheme Construction Landing Page construction-landing-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Constru…
Missing Authorization vulnerability in raratheme Influencer influencer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Influencer: from n/a through <= 1.1.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robosoft Robo Gallery robo-gallery allows DOM-Based XSS.This issue affects Robo Gallery: from n/a…
Server-Side Request Forgery (SSRF) vulnerability in Katsushi Kawamori Simple Blog Card simple-blog-card allows Server Side Request Forgery.This issue affects Simple Blog Card: from n/a through <= 2.3…
Cross-Site Request Forgery (CSRF) vulnerability in Magazine3 Easy Table of Contents easy-table-of-contents allows Cross Site Request Forgery.This issue affects Easy Table of Contents: from n/a throug…
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marketing Fire Editorial Calendar editorial-calendar allows DOM-Based XSS.This issue affects Edit…
Cross-Site Request Forgery (CSRF) vulnerability in desertthemes Corpiva corpiva allows Cross Site Request Forgery.This issue affects Corpiva: from n/a through <= 1.0.96.