For individuals

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Michele Giorgi Formality allows PHP Local File Inclusion. This...

Discourse is an open-source discussion platform. Prior to versions `3.3.4` on the `stable` branch and `3.4.0.beta5` on the `beta` branch, in specific circumstances, users could be added to group...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Theme Demo Bar allows Reflected XSS. This issue affects Theme Demo Bar: from...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yendif Player Another Events Calendar allows Reflected XSS. This issue affects...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound GDPR Tools allows Stored XSS. This issue affects GDPR Tools: from n/a...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeSolz Bitcoin / AltCoin Payment Gateway for WooCommerce allows Reflected XSS. This...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Zalo Live Chat allows Reflected XSS. This issue affects Zalo Live Chat: from...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound UTM tags tracking for Contact Form 7 allows Reflected XSS. This issue...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Cookies Pro allows Reflected XSS. This issue affects Cookies Pro: from n/a...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Secure Invites allows Reflected XSS. This issue affects Secure Invites: from...