Medium - CVE-2024-13229 - The Rank Math SEO – AI SEO Tools to Dominate...
The Rank Math SEO – AI SEO Tools to Dominate SEO Rankings plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the update_metadata() function in all...
High - CVE-2024-13770 - The Puzzles | WP Magazine / Review with Store...
The Puzzles | WP Magazine / Review with Store WordPress Theme + RTL theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2.4 via deserialization of...
Medium - CVE-2025-0837 - The Puzzles theme for WordPress is vulnerable...
The Puzzles theme for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 4.2.4 due to insufficient input sanitization and output escaping on...
NA - CVE-2024-10083 - CWE-20: Improper Input Validation vulnerability...
CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of engineering workstation when specific driver interface is invoked locally by an authenticated user with...
NA - CVE-2024-12586 - The Chalet-Montagne.com Tools WordPress plugin...
The Chalet-Montagne.com Tools WordPress plugin through 2.7.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could...
NA - CVE-2024-13119 - The Paid Membership Plugin, Ecommerce, User...
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which...
NA - CVE-2024-13120 - The Paid Membership Plugin, Ecommerce, User...
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which...
NA - CVE-2024-13121 - The Paid Membership Plugin, Ecommerce, User...
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which...
NA - CVE-2024-13125 - The Everest Forms WordPress plugin before...
The Everest Forms WordPress plugin before 3.0.8.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting...
NA - CVE-2025-0692 - The Simple Video Management System WordPress...
The Simple Video Management System WordPress plugin through 1.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored...