CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

190 matches found

NVD•added 2024/06/08 1:15 p.m.•19 views

CVE-2024-35750

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wpdevart Responsive Image Gallery, Gallery Album.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...

8.8CVSS0.00441EPSS

Exploits0References1

Vulnrichment•added 2024/06/08 12:37 p.m.•22 views

CVE-2024-35750 WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - SQL Injection vulnerability

8.5CVSS7.7AI score0.00441EPSS

Exploits0References1

CVE•added 2024/06/08 12:37 p.m.•47 views

CVE-2024-35750

CVE-2024-35750 describes an SQL Injection in the wpdevart Responsive Image Gallery, Gallery Album plugin (vulnerable

8.8CVSS8.9AI score0.00441EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/06/08 12:0 a.m.•3 views

PT-2024-26704 · Unknown · Wpdevart Responsive Image Gallery

Name of the Vulnerable Software and Affected Versions: wpdevart Responsive Image Gallery, Gallery Album versions 2.0.3 and earlier Description: The issue is related to an SQL Injection vulnerability due to the improper neutralization of special elements used in an SQL command. This allows for...

8.8CVSS7.7AI score0.00441EPSS

Exploits0References9

NVD•added 2024/06/04 11:15 a.m.•22 views

CVE-2023-49741

Authentication Bypass by Spoofing vulnerability in wpdevart Coming soon and Maintenance mode allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Coming soon and Maintenance mode: from n/a through 3.7.3...

3.7CVSS4.3AI score0.0034EPSS

Exploits0References1

Cvelist•added 2024/06/03 9:35 p.m.•27 views

CVE-2023-24373 WordPress Booking calendar, Appointment Booking System plugin <= 3.2.3 - Bypass vulnerability

External Control of Assumed-Immutable Web Parameter vulnerability in WpDevArt Booking calendar, Appointment Booking System allows Manipulating Hidden Fields.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.3...

3.7CVSS4.3AI score0.00354EPSS

Exploits0References1

OSV•added 2024/03/31 8:15 p.m.•2 views

CVE-2024-30550

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Reflected XSS.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...

6.1CVSS5.8AI score

Exploits0References1

NVD•added 2024/03/31 8:15 p.m.•15 views

CVE-2024-30550

7.1CVSS6.9AI score0.00398EPSS

Exploits0References1

OSV•added 2023/11/14 9:15 p.m.•3 views

CVE-2023-47533

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin = 1.8.2 versions...

4.8CVSS7.3AI score0.00394EPSS

Exploits0References1

NVD•added 2023/11/14 9:15 p.m.•20 views

CVE-2023-47533

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin = 1.8.2 versions...

5.9CVSS0.00394EPSS

Exploits0References1

CVE•added 2023/11/14 9:6 p.m.•75 views

CVE-2023-47533

CVE-2023-47533 affects the WordPress plugin Countdown and CountUp, WooCommerce Sales Timer (

5.9CVSS5.1AI score0.00394EPSS

Exploits0References1Affected Software1

OSV•added 2023/11/06 8:15 a.m.•0 views

CVE-2022-47428

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.7...

9.8CVSS5.8AI score

Exploits0References1

NVD•added 2023/11/06 8:15 a.m.•20 views

CVE-2022-47428

9.8CVSS9.8AI score0.00675EPSS

Exploits0References1

Prion•added 2023/11/06 8:15 a.m.•13 views

Sql injection

7.5CVSS7.8AI score0.00675EPSS

Exploits0References1Affected Software1

CVE•added 2023/11/06 7:36 a.m.•40 views

CVE-2022-47428

CVE-2022-47428 affects the WordPress plugin Booking calendar, Appointment Booking System (

9.8CVSS8.9AI score0.00675EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2023/11/06 12:0 a.m.•19 views

PT-2023-15305 · Unknown · Wpdevart Booking Calendar

Name of the Vulnerable Software and Affected Versions: WpDevArt Booking calendar, Appointment Booking System versions 3.2.7 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQ...

9.8CVSS9.7AI score0.00675EPSS

Exploits0References4

OSV•added 2023/10/26 1:15 p.m.•3 views

CVE-2023-46075

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Contact Form Builder, Contact Widget plugin = 2.1.6 versions...

6.1CVSS7.3AI score0.00331EPSS

Exploits0References1

NVD•added 2023/10/26 1:15 p.m.•17 views

CVE-2023-46075

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Contact Form Builder, Contact Widget plugin = 2.1.6 versions...

7.1CVSS6.2AI score0.00331EPSS

Exploits0References1

Prion•added 2023/10/26 1:15 p.m.•25 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Contact Form Builder, Contact Widget plugin = 2.1.6 versions...

5.8CVSS6AI score0.00331EPSS

Exploits0References1Affected Software1

CVE•added 2023/10/26 12:2 p.m.•59 views

CVE-2023-46075

CVE-2023-46075 describes an unauthenticated, reflected Cross-Site Scripting (XSS) in the WordPress plugin set of wpdevart Contact Form Builder and Contact Widget, listed as vulnerable up to version 2.1.6 (and up to 2.1.7 per Patchstack). The vulnerability path enables injection of scriptcode that...

7.1CVSS6AI score0.00331EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by