10 matches found
EUVD-2026-39674
Unauthenticated SQL Injection in Real Estate 7 = 3.5.9 versions...
CVE-2026-1719
The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...
WordPress Radio Station by netmix® – Manage and play your Show Schedule in WordPress! plugin <= 2.5.9 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Radio Station versions = 2.5.9...
WordPress Perfmatters plugin <= 2.5.9.1 - Authenticated (Subscriber+) Arbitrary File Deletion via 'delete' Parameter vulnerability
Authenticated Subscriber+ Arbitrary File Deletion via 'delete' Parameter vulnerability discovered by hoshino in WordPress Plugin Perfmatters versions = 2.5.9.1...
WordPress plugin Page Title Splitter 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A cross-site...
CVE-2025-47588
Improper Control of Generation of Code 'Code Injection' vulnerability in acowebs Dynamic Pricing With Discount Rules for WooCommerce aco-woo-dynamic-pricing allows Code Injection.This issue affects Dynamic Pricing With Discount Rules for WooCommerce: from n/a through = 4.5.9...
WordPress Soledad theme <= 8.5.9 - Unauthenticated Limited Local File Inclusion vulnerability
Unauthenticated Limited Local File Inclusion vulnerability discovered by Foxyyy in WordPress Theme Soledad versions = 8.5.9...
CVE-2022-21512
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Integration Broker. Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where PeopleSoft Enterprise...
CVE-2022-21456
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Navigation Pages, Portal, Query. Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...
SiteFactory CMS Absolute Path Traversal Vulnerability
Mindbite SiteFactory CMS is a content management system CMS developed by Mindbite Switzerland. An absolute path traversal vulnerability exists in Mindbite SiteFactory CMS version 5.5.9, which can be exploited by remote attackers to read arbitrary files...