For individuals

The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its email settings, which could allow attackers to make a logged in admin change them via a CSRF attack

The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add...

The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.6.0. This is due to missing or incorrect nonce...

The specific function parameter of ASUS Download Master does not properly filter user input. An unauthenticated remote attacker with administrative privileges can exploit this vulnerability to...

ASUS Download Master has a buffer overflow vulnerability. An unauthenticated remote attacker with administrative privileges can exploit this vulnerability to execute arbitrary system commands on...

The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Custom JS option in versions up to, and including, 9.0.38. This makes it possible for...

Vulnerability of unauthorized screenshot capturing in the WMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Privilege escalation vulnerability in the AMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

Memory management vulnerability in the boottime module Impact: Successful exploitation of this vulnerability can affect integrity.