For providers

A vulnerability was found in Synway SMG Gateway Management Software up to 20250204. It has been rated as critical. This issue affects some unknown processing of the file 9-12ping.php. The...

The Subscribe2 – Form, Email Subscribers & Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ip parameter in all versions up to, and including, 10.43 due to...

The Easypromos Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Easypromos shortcode in all versions up to, and including, 1.3.8 due to insufficient...

Age Verification for your checkout page. Verify your customer's identity 1.20.0 was found to be vulnerable. The web application dynamically generates web content without validating the source...

The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.7.1007. This is due to missing or incorrect nonce...

The Master Slider WordPress plugin before 3.10.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site...

The User Private Files – File Upload & Download Manager with Secure File Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘new-fldr-name’ parameter in all versions...

The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Import Data From File feature in all versions up to,...

Movable Type contains a stored cross-site scripting vulnerability in the custom block edit page of MT Block Editor. If exploited, an arbitrary script may be executed on a logged-in user's web...

Movable Type contains a stored cross-site scripting vulnerability in the HTML edit mode of MT Block Editor. It is exploitable when TinyMCE6 is used as a rich text editor and an arbitrary script may...