A cross-site scripting (XSS) vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes"...
6.1CVSS
5.9AI Score
0.001EPSS
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Cross Site Scripting (XSS) via...
6.1CVSS
6AI Score
0.001EPSS
ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery (SSRF) via...
9.1CVSS
9.1AI Score
0.002EPSS
A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database...
7.5CVSS
7.9AI Score
0.002EPSS