EUVD-2017-11131

Malware in sbrugna...

WordPress plugin PixelBeds Channel Manager and Hotel Booking Engine 跨站请求伪造漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability exists in WordPress plugin...

CVE-2025-24756 WordPress Roi Calculator plugin <= 1.0 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in mgplugin Roi Calculator allows Stored XSS. This issue affects Roi Calculator: from n/a through 1.0...

Sql injection

A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has...

CVE-2017-20124

The CVE-2017-20124 entry affects Online Hotel Booking System Pro Plugin 1.0, specifically the /front/roomtype-details.php file. The vulnerability stems from unsafely handling the tid argument, causing an SQL injection that can be triggered remotely. Public exploits have been disclosed (e.g., Expl...

Sql injection

The zm-gallery plugin 1.0 for WordPress has SQL injection via the order parameter...

WordPress Plugin WPwizz AdWizz Plugin 1.0 - link Cross-Site Scripting

WordPress Plugin WPwizz AdWizz Plugin 1.0 - link Cross-Site Scripting source: https://www.securityfocus.com/bid/47141/info The WPwizz AdWizz plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage th...