Latest CVE Feed

Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through…

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in icopydoc YML for Yandex Market yml-for-yandex-market allows Path Traversal.This issue affects YML for Y…

Missing Authorization vulnerability in WP Folio Team PPWP password-protect-page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PPWP: from n/a through <= 1.…

Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Taboola Taboola Pixel taboola-pixel allows Reflected XSS.This issue affects Taboola Pixel: from n…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OOPSpam Team OOPSpam Anti-Spam oopspam-anti-spam allows Stored XSS.This issue affects OOPSpam Ant…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder:…

Missing Authorization vulnerability in Premmerce Premmerce Redirect Manager premmerce-redirect-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premm…

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects …

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PublishPress PublishPress Revisions revisionary allows Blind SQL Injection.This issue affects Pub…

Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMTP Mailer smtp-mailer allows Retrieve Embedded Sensitive Data.This issue affects SMTP Mailer: from n/a through <= 1.1.24.

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nK Visual Portfolio, Photo Gallery & Post Grid visual-portfolio allows PHP Loc…

Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.This issue affects Green Downloads: from n/a thr…

Authorization Bypass Through User-Controlled Key vulnerability in JoomSky JS Help Desk js-support-ticket allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JS …

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk…

Authorization Bypass Through User-Controlled Key vulnerability in LatePoint LatePoint latepoint allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LatePoint: f…