For individuals

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound Debug-Bar-Extender allows Reflected XSS. This issue affects...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zzmaster WP AntiDDOS allows Reflected XSS. This issue affects WP AntiDDOS: from n/a...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce allows SQL...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PublishPress PublishPress Authors allows SQL Injection. This issue affects...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maennchen1.de m1.DownloadList allows DOM-Based XSS. This issue affects...

Cross-Site Request Forgery (CSRF) vulnerability in Recapture Cart Recovery and Email Marketing Recapture for WooCommerce allows Cross Site Request Forgery. This issue affects Recapture for...

Deserialization of Untrusted Data vulnerability in magepeopleteam Booking and Rental Manager allows Object Injection. This issue affects Booking and Rental Manager: from n/a through 2.2.6.

Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Ohio Extra allows Code Injection. This issue affects Ohio Extra: from n/a through 3.4.7.

Path Traversal vulnerability in NotFound Pie Register Premium. This issue affects Pie Register Premium: from n/a through 3.8.3.2.

Missing Authorization vulnerability in NotFound Fresh Framework allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Fresh Framework: from n/a through 1.70.0.