| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Elated-Themes Search & Go search-and-go allows Password Recovery Exploitation.This issue affects Search & Go: from n/a through <= 2.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Travel WP Travel Gutenberg Blocks wp-travel-blocks.This issue affects WP Travel Gutenberg Blocks: from n/a through <= 3.9.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Tab Ultimate tabs-pro.This issue affects Tab Ultimate: from n/a through <= 1.8. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nasir Uddin Generic Elements generic-elements-for-elementor allows Stored XSS.This issue affects Generic Elements: from n/a through <= 1.2.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force SureRank surerank.This issue affects SureRank: from n/a through <= 1.3.2. |
| The Password Reset with Code for WordPress REST API WordPress plugin before 0.0.17 does not use cryptographically sound algorithms to generate OTP codes, potentially leading to account takeovers. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through < 4.2.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through < 4.2.0. |
| Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes News Event news-event.This issue affects News Event: from n/a through <= 1.0.1. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in favethemes Houzez Theme - Functionality houzez-theme-functionality.This issue affects Houzez Theme - Functionality: from n/a through <= 4.1.8. |
| Missing Authorization vulnerability in Jegstudio Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons gutenverse-news allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Gutenverse News – Advanced News Magazine Blog Gutenberg Blocks Addons: from n/a through <= 3.0.2. |
| Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal AppExperts appexperts allows Retrieve Embedded Sensitive Data.This issue affects AppExperts: from n/a through <= 1.4.5. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign Core u-design-core.This issue affects UDesign Core: from n/a through <= 4.14.1. |
| Unrestricted Upload of File with Dangerous Type vulnerability in blazethemes Blogmatic blogmatic.This issue affects Blogmatic: from n/a through <= 1.0.3. |
| Unrestricted Upload of File with Dangerous Type vulnerability in Case-Themes Case Addons case-addons.This issue affects Case Addons: from n/a through < 1.3.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem Theme Elements (for WPBakery) thegem-elements.This issue affects TheGem Theme Elements (for WPBakery): from n/a through <= 5.10.5.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bastien Ho Event post event-post.This issue affects Event post: from n/a through <= 5.10.3. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem (Elementor) thegem-elementor.This issue affects TheGem (Elementor): from n/a through <= 5.10.5.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in YOP YOP Poll yop-poll.This issue affects YOP Poll: from n/a through <= 6.5.37. |
| Missing Authorization vulnerability in themerain ThemeRain Core themerain-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeRain Core: from n/a through <= 1.1.9. |
