287 matches found
CVE-2023-32294
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Radical Web Design GDPR Cookie Consent Notice Box plugin = 1.1.6 versions...
CVE-2023-33322
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Etoile Web Design Front End Users allows Reflected XSS.This issue affects Front End Users: from n/a before 3.2.25...
CVE-2023-34005
Cross-Site Request Forgery CSRF vulnerability in Etoile Web Design Front End Users plugin = 3.2.24 versions...
CVE-2009-3822
PHP remote file inclusion vulnerability in Fiji Web Design Ajax Chat comajaxchat component 1.0 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSmosConfigabsolutepath parameter to tests/ajcuser.php...
CVE-2024-25597
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Etoile Web Design Ultimate Reviews allows Stored XSS.This issue affects Ultimate Reviews: from n/a through 3.2.8...
CVE-2024-54288
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LDD Web Design LDD Directory Lite ldd-directory-lite allows Reflected XSS.This issue affects LDD Directory Lite: from n/a through = 3.3...
CVE-2024-31084
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pulsar Web Design Weekly Class Schedule allows Reflected XSS.This issue affects Weekly Class Schedule: from n/a through 3.19...
CVE-2024-53729
Cross-Site Request Forgery CSRF vulnerability in plumwd Blizzard Quotes blizzard-quotes allows Stored XSS.This issue affects Blizzard Quotes: from n/a through = 1.3...
CVE-2024-54288
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LDD Web Design LDD Directory Lite ldd-directory-lite allows Reflected XSS.This issue affects LDD Directory Lite: from n/a through = 3.3...
CVE-2024-53729
Cross-Site Request Forgery CSRF vulnerability in plumwd Blizzard Quotes blizzard-quotes allows Stored XSS.This issue affects Blizzard Quotes: from n/a through = 1.3...
CVE-2024-53729
CVE-2024-53729 describes a CSRF-to-Stored-XSS issue in the WordPress plugin Blizzard Quotes , affecting versions up to 1.3 (n/a through 1.3). The connected sources corroborate the naming and vulnerability type but do not provide concrete exploitation steps, affected product/version ranges beyond ...
PT-2024-35837 · Unknown · Plumeria Web Design Blizzard Quotes
Name of the Vulnerable Software and Affected Versions: Plumeria Web Design Blizzard Quotes versions n/a through 1.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can perform unauthorized actions on the website. The estimat...
CVE-2024-43343
Missing Authorization vulnerability in Etoile Web Design Order Tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Order Tracking: from n/a through 3.3.12...
CVE-2024-43343 WordPress Order Tracking – WordPress Status Tracking Plugin plugin < 3.3.13 - Broken Access Control vulnerability
Missing Authorization vulnerability in Etoile Web Design Order Tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Order Tracking: from n/a through 3.3.12...
CVE-2024-43343
CVE-2024-43343 affects the WordPress Order Tracking (Order Tracking – WordPress Status Tracking Plugin) up to version 3.3.12, with Missing Authorization due to ACL enforcement gaps enabling unauthorized access to certain functions. Root cause: lack of proper authorization checks in Order Tracking...
PT-2024-30510 · Unknown · Etoile Web Design Order Tracking
Name of the Vulnerable Software and Affected Versions: Etoile Web Design Order Tracking versions n/a through 3.3.12 Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions n/a...
CVE-2024-49632
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Senthil Vel CWD 3D Image Gallery cwd-3d-image-gallery allows Reflection Injection.This issue affects CWD 3D Image Gallery: from n/a through = 1.0...
CVE-2024-49632
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Coral Web Design CWD 3D Image Gallery allows Reflected XSS.This issue affects CWD 3D Image Gallery: from n/a through 1.0...
CVE-2024-49632
CVE-2024-49632 affects the WordPress plugin CWD 3D Image Gallery (versions
CVE-2024-49632 WordPress CWD 3D Image Gallery plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Senthil Vel CWD 3D Image Gallery cwd-3d-image-gallery allows Reflection Injection.This issue affects CWD 3D Image Gallery: from n/a through = 1.0...