URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ILLID Share This Image.This issue affects Share This Image: from n/a through...
4.7CVSS
6.7AI Score
0.001EPSS
Cross-Site Request Forgery (CSRF) vulnerability in Harish Chouhan, Themeist I Recommend Tplugin <= 3.9.0...
8.8CVSS
8.7AI Score
0.001EPSS
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in BrokenCrust This Day In History plugin <= 3.10.1...
7.1CVSS
6AI Score
0.001EPSS
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Harish Chouhan, Themeist I Recommend This plugin <= 3.8.3...
5.9CVSS
4.8AI Score
0.0005EPSS
A vulnerability has been found in I Recommend This Plugin up to 3.7.2 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality of the file dot-irecommendthis.php. The manipulation leads to sql injection. The attack can be launched remotely. Upgrading to...
9.8CVSS
9.8AI Score
0.001EPSS
A vulnerability has been found in ss15-this-is-sparta and classified as problematic. This vulnerability affects unknown code of the file js/roomElement.js of the component Main Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is...
6.1CVSS
6.1AI Score
0.001EPSS
A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for valid...
7.1CVSS
5.5AI Score
0.001EPSS
9.8CVSS
9.9AI Score
0.001EPSS
The ILLID Share This Image plugin before 1.04 for WordPress has XSS via the sharer.php url...
6.1CVSS
6AI Score
0.001EPSS
SQL injection vulnerability in This HTML Is Simple (THIS) before 1.2.4 allows remote to execute arbitrary SQL commands via vectors related to op=page&id= in the...
8.3AI Score
0.002EPSS