5 matches found
PT-2025-44706
Name of the Vulnerable Software and Affected Versions Schema Scalpel versions prior to 1.6.2 Description The Schema Scalpel plugin for WordPress is susceptible to Stored Cross-Site Scripting. This is due to inadequate input sanitization and output escaping when handling user-supplied data in the...
Fedora: Security Advisory (FEDORA-2025-cf3fbd8fcf)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2022-22771 · WordPress · Role Based Pricing For Woocommerce
Name of the Vulnerable Software and Affected Versions: Role Based Pricing for WooCommerce WordPress plugin versions prior to 1.6.2 Description: The issue allows any authenticated users, such as subscribers, to upload arbitrary files, including PHP, due to the lack of authorization, proper CSRF...
WordPress Advanced Booking Calendar plugin <= 1.6.1 - Unauthenticated SQL Injection (SQLi) vulnerability
Unauthenticated SQL Injection SQLi vulnerability found by Lenon Leite in WordPress Advanced Booking Calendar plugin versions = 1.6.1. Solution Update the WordPress Advanced Booking Calendar plugin to the latest available version at least 1.6.2...
PT-2019-13431 · Vsourz Digital · Vsourz Digital Advanced Cf7 Db Plugin
Name of the Vulnerable Software and Affected Versions: Vsourz Digital Advanced CF7 DB plugin versions prior to 1.6.2 Description: A SQL injection issue exists, allowing a remote attacker to execute arbitrary SQL commands on the affected system. Recommendations: For Vsourz Digital Advanced CF7 DB...