416 matches found
Photo Gallery by 10Web <= 1.5.22 - Authenticated XSS
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by an Authenticated XSS security vulnerability...
Form Maker by 10Web < 1.13.3 - Authenticated SQL Injection
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder WordPress plugin was affected by an Authenticated SQL Injection security vulnerability...
CVE-2019-11590
The 10Web Form Maker plugin before 1.13.5 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $POST'action' value and the $GET'action' value, and the latter is...
CVE-2019-11590
The 10Web Form Maker plugin for WordPress is affected by CVE-2019-11590 (versions
WordPress Form Maker by 10Web plugin <= 1.13.4 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability found by Panagiotis Vagenas in WordPress Form Maker by 10Web plugin versions = 1.13.4. Solution Update the WordPress Form Maker by 10Web plugin to the latest available version at least 1.13.5...
Form Maker by WD < 1.12.24 - CSV Injection
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder WordPress plugin was affected by a CSV Injection security vulnerability...
Photo Gallery by WD <= 1.3.50 - Authenticated SQL Injection
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by an Authenticated SQL Injection security vulnerability...
Photo Gallery by WD <= 1.3.42 - Authenticated Path Traversal
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by an Authenticated Path Traversal security vulnerability...
Photo Gallery <= 1.2.11 - Cross-Site Scripting (XSS)
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by a Cross-Site Scripting XSS security vulnerability...
Photo Gallery <= 1.2.5 - Unrestricted File Upload
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by an Unrestricted File Upload security vulnerability...
Photo Gallery <= 1.2.8 - Multiple Authenticated Reflected XSS
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by a Multiple Authenticated Reflected XSS security vulnerability. PoC /wp-admin/admin-ajax.php?action=addImages=700=550=jpg,jpeg,png,gif=bwgaddpreviewimageby=name";...
Photo Gallery <= 1.2.8 - Blind SQL Injection
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by a Blind SQL Injection security vulnerability...
Photo Gallery <= 1.2.7 - Unauthenticated SQL injection
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by an Unauthenticated SQL injection security vulnerability...
Photo Gallery 1.1.30 - Cross Site Scripting
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by a Cross Site Scripting security vulnerability...
Form Maker 1.6.4 - front_end_form_maker.php Unspecified XSS
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder WordPress plugin was affected by a frontendformmaker.php Unspecified XSS security vulnerability...
Photo-Gallery <= 1.2.41 - UploadHandler.php File Upload CSRF
The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by an UploadHandler.php File Upload CSRF security vulnerability...