2840 matches found
CVE-2025-23911
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in solidres Solidres – Hotel booking plugin solidres allows SQL Injection.This issue affects Solidres – Hotel booking plugin: from n/a through = 0.9.4...
CVE-2025-23920
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sourcing Team ApplicantPro applicantpro allows Reflected XSS.This issue affects ApplicantPro: from n/a through = 1.3.9...
CVE-2025-23685
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebTechGlobal RomanCart romancart-on-wordpress allows Reflected XSS.This issue affects RomanCart: from n/a through = 0.0.2...
CVE-2025-23784
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Jeffrey Contact Form 7 Round Robin Lead Distribution contact-form-7-round-robin-lead-distribution allows SQL Injection.This issue affects Contact Form 7 Round Robin Lead Distribution: from n/...
CVE-2025-23664
Cross-Site Request Forgery CSRF vulnerability in Real Seguro Viagem Real Seguro Viagem seguro-viagem allows Stored XSS.This issue affects Real Seguro Viagem: from n/a through = 2.0.5...
CVE-2025-23673
Cross-Site Request Forgery CSRF vulnerability in dkukral Email on Publish email-on-publish allows Stored XSS.This issue affects Email on Publish: from n/a through = 1.5...
CVE-2025-23835
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jmraya Legal + legal-plus allows Reflected XSS.This issue affects Legal +: from n/a through = 1.0...
CVE-2025-23871
Cross-Site Request Forgery CSRF vulnerability in Bas Matthee LSD Google Maps Embedder lsd-google-maps-embedder allows Cross Site Request Forgery.This issue affects LSD Google Maps Embedder: from n/a through = 1.1...
CVE-2025-23736
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webgdawg Form To JSON form-to-json allows Reflected XSS.This issue affects Form To JSON: from n/a through = 1.0...
CVE-2025-23422
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in moaluko Store Locator store-locator allows PHP Local File Inclusion.This issue affects Store Locator: from n/a through = 3.98.10...
CVE-2025-23822
Cross-Site Request Forgery CSRF vulnerability in alicornea Category Custom Fields categorycustomfields allows Cross Site Request Forgery.This issue affects Category Custom Fields: from n/a through = 1.0...
CVE-2025-23714
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in podspod AppReview appreview allows Reflected XSS.This issue affects AppReview: from n/a through = 0.2.9...
CVE-2025-23839
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Asif Shakeel Sticky Button sticky-chat-button allows Stored XSS.This issue affects Sticky Button: from n/a through = 1.0...
CVE-2025-23509
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in siteheart HyperComments comments-with-hypercommentscom allows Reflected XSS.This issue affects HyperComments: from n/a through = 0.9.6...
CVE-2025-23932
Deserialization of Untrusted Data vulnerability in Marko-M Quick Count quick-count allows Object Injection.This issue affects Quick Count: from n/a through = 3.00...
CVE-2025-23976
Cross-Site Request Forgery CSRF vulnerability in operationsissuu Issuu Panel issuu-panel allows Stored XSS.This issue affects Issuu Panel: from n/a through = 2.1.1...
CVE-2022-38758
Cross-site Scripting XSS vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL...
CVE-2022-38355
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to attackers with access to the local area network LAN to disclose sensitive information stored by the affected product without requiring authentication...
CVE-2022-0526
Cross-site Scripting XSS - Stored in GitHub repository chatwoot/chatwoot prior to 2.2.0...
CVE-2022-0964
Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4...