WordPress Pagelayer plugin < 1.8.8 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Jeewan Kumar Bhatta in WordPress Plugin PageLayer versions 1.8.8...

CVE-2023-31233

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Haoqisir Baidu Tongji generator plugin = 1.0.2 versions...

WordPress Registrations for The Events Calendar plugin < 2.13.4 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Registrations for the Events Calendar versions 2.13.4...

WordPress Coronavirus (COVID-19) Notice Message plugin <= 1.1.2 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin Coronavirus COVID-19 Notice Message versions = 1.1.2...

WordPress LuckyWP Table of Contents plugin < 2.1.7 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin LuckyWP Table of Contents versions 2.1.7...

WordPress WPForms plugin < 1.9.1.6 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by WPscan in WordPress Plugin Contact Form by WPForms versions 1.9.1.6...

WordPress System Dashboard plugin < 2.8.15 - Admin+ Path Traversal vulnerability

Admin+ Path Traversal vulnerability discovered by Dogus DEMIRKIRAN in WordPress Plugin System Dashboard versions 2.8.15...

WordPress Gianism plugin < 5.2.1 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Felipe Restrepo Rodriguez, Mateo Gutierrez Gomez in WordPress Plugin Gianism versions 5.2.1...

WordPress Better Comments plugin < 1.5.6 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Nicolo in WordPress Plugin Better Comments versions 1.5.6...

WordPress Announce from the Dashboard plugin <= 1.5.2 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated Admin+ Stored Cross-Site Scripting vulnerability discovered by Benedictus Jovan in WordPress Plugin Announce from the Dashboard versions = 1.5.2...

Donations Made Easy - Smart Donations <= 4.0.12 - Admin+ SQLi

Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

PT-2023-30236 · Unknown · Gd Security Headers

Name of the Vulnerable Software and Affected Versions: GD Security Headers versions 1.7 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows authorized users with admin+ privileges to...

CVE-2005-2079

CVE-2005-2079 describes a heap-based buffer overflow in the Admin Plus Pack Option for VERITAS Backup Exec 9.0–10.0 on Windows Servers. The flaw is capable of enabling remote attackers to execute arbitrary code. The root cause is a heap-based overflow in the Admin Plus Pack Option, leading to pot...

[VulnWatch] Remote Unauthenticated Heap Overflow VERITAS Backup Exec Server for Windows

Mark Litchfield of NGSSoftware has discovered a high risk vulnerability in the Veritas Backup Exec Server for Windows which can allow remote code execution. Affected Products include - Backup Exec 10.0 for Windows Servers rev. 5484 Backup Exec 9.1 for Windows Servers rev. 4691 Backup Exec 9.0 for...