For individuals

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Acowebs Product Labels For Woocommerce allows Blind SQL Injection.This issue affects...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Captivate Audio Ltd Captivate Sync allows Stored XSS.This issue affects Captivate...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Pie Register Premium allows Reflected XSS.This issue affects Pie Register...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows DOM-Based XSS.This...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AREOI All Bootstrap Blocks allows PHP Local File Inclusion.This...

Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 6.3.2.

Missing Authorization vulnerability in WPSight WPCasa allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPCasa: from n/a through 1.2.13.

Cross-Site Request Forgery (CSRF) vulnerability in Paloma Paloma Widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through 1.14.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in URBAN BASE Z-Downloads allows Stored XSS.This issue affects Z-Downloads: from n/a...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Owen Cutajar & Hyder Jaffari WordPress Auction Plugin allows Stored XSS.This issue...