21 matches found
CVE-2026-56038
Contributor Privilege Escalation in Frisbii Pay = 1.8.2 versions...
CVE-2026-52695
Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...
PT-2026-49520
Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout = 1.8.2 versions...
WordPress ABC Crypto Checkout plugin <= 1.8.2 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by xwii in WordPress Plugin ABC Crypto Checkout versions = 1.8.2...
CVE-2026-25346
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro FAQ Builder AYS faq-builder-ays allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FAQ Builder AYS: from n/a through = 1.8.2...
CVE-2026-25346
CVE-2026-25346 is an unauthenticated stored XSS vulnerability in the WordPress plugin FAQ Builder AYS (AYS faq-builder-ays), affecting versions from n/a up to and including 1.8.2. The CVE entry uses CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L with a base score of 7.1 (HIGH). Connected sources co...
CVE-2026-24985
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...
EUVD-2026-5243
Missing Authorization vulnerability in approveme WP Forms Signature Contract Add-On wp-forms-signature-contract-add-on allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Forms Signature Contract Add-On: from n/a through = 1.8.2...
CVE-2025-64252
Server-Side Request Forgery SSRF vulnerability in Marco Milesi ANAC XML Viewer anac-xml-viewer allows Server Side Request Forgery.This issue affects ANAC XML Viewer: from n/a through = 1.8.2...
CVE-2025-64252
Server-Side Request Forgery SSRF vulnerability in Marco Milesi ANAC XML Viewer anac-xml-viewer allows Server Side Request Forgery.This issue affects ANAC XML Viewer: from n/a through = 1.8.2...
CVE-2025-5805 WordPress Electron theme <= 1.8.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ninetheme Electron electron allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Electron: from n/a through = 1.8.2...
PT-2026-3991
Name of the Vulnerable Software and Affected Versions Electron versions through 1.8.2 Description An authorization issue exists in Ninetheme Electron, allowing exploitation of incorrectly configured access control security levels. Recommendations Update to a version of Electron newer than 1.8.2...
WordPress WP Forms Signature Contract Add-On plugin <= 1.8.2 - Broken Access Control to Notice Dismissal vulnerability
Broken Access Control to Notice Dismissal vulnerability discovered by Nabil Irawan in WordPress Plugin WP Forms Signature Contract Add-On versions = 1.8.2...
CVE-2025-68078
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeNectar Salient Portfolio salient-portfolio allows Stored XSS.This issue affects Salient Portfolio: from n/a through = 1.8.2...
EUVD-2025-203540
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeNectar Salient Portfolio salient-portfolio allows Stored XSS.This issue affects Salient Portfolio: from n/a through = 1.8.2...
CVE-2024-30192
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GS Plugins GS Pins for Pinterest allows Stored XSS.This issue affects GS Pins for Pinterest: from n/a through 1.8.2...
CVE-2025-1039
The Lenix Elementor Leads addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a URL form field in all versions up to, and including, 1.8.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...
WordPress WP Event Aggregator Plugin <= 1.8.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin WP Event Aggregator versions = 1.8.2...
WordPress Kama SpamBlock plugin <= 1.8.2 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Kama SpamBlock versions = 1.8.2...
CVE-2024-30192
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GS Plugins GS Pins for Pinterest allows Stored XSS.This issue affects GS Pins for Pinterest: from n/a through 1.8.2...