CVE-2021-24432

The Advanced AJAX Product Filters WordPress plugin does not sanitise the 'termid' POST parameter before outputting it in the page, leading to reflected Cross-Site Scripting issue...

PT-2024-31134

Name of the Vulnerable Software and Affected Versions LearnPress – WordPress LMS Plugin versions up to, and including, 4.2.6.5 Description The issue allows for time-based SQL Injection due to insufficient escaping on the user-supplied term id parameter and lack of sufficient preparation on the...