For individuals

WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `salvar_tag.php` endpoint. This vulnerability could allow an authorized...

Incorrect Privilege Assignment vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Privilege Escalation. This issue affects Admin and Site Enhancements (ASE) Pro: from n/a...

Missing Authorization vulnerability in By Averta Shortcodes and extra features for Phlox theme allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shortcodes...

Missing Authorization vulnerability in Pixelite Meta Tag Manager. This issue affects Meta Tag Manager: from n/a through 3.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Felipe Peixoto Powerful Auto Chat allows Stored XSS. This issue affects Powerful Auto...

Missing Authorization vulnerability in UIUX Lab Uix Shortcodes allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Uix Shortcodes: from n/a through 2.0.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Job Board Manager allows Reflected XSS. This issue affects Job Board...

Missing Authorization vulnerability in Xfinity Soft Content Cloner allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Content Cloner: from n/a through 1.0.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hesabfa Hesabfa Accounting allows Reflected XSS. This issue affects Hesabfa...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper NotificationX allows Stored XSS. This issue affects NotificationX: from...