For providers

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mojoomla WPCRM - CRM for Contact form CF7 & WooCommerce allows SQL Injection. This...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Suhas Surse WP Employee Attendance System allows Blind SQL Injection. This issue...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Evon allows PHP Local File Inclusion. This issue affects...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in snstheme Simen allows PHP Local File Inclusion. This issue affects...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpdistillery Navigation Tree Elementor allows Blind SQL Injection. This issue affects...

Deserialization of Untrusted Data vulnerability in yuliaz Rapyd Payment Extension for WooCommerce allows Object Injection. This issue affects Rapyd Payment Extension for WooCommerce: from n/a...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in _CreativeMedia_ Elite Video Player allows Stored XSS. This issue affects Elite Video...

Deserialization of Untrusted Data vulnerability in themeton Spare allows Object Injection. This issue affects Spare: from n/a through 1.7.

Unrestricted Upload of File with Dangerous Type vulnerability in ovatheme Ovatheme Events Manager allows Using Malicious Files. This issue affects Ovatheme Events Manager: from n/a through 1.7.5.

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in mojoomla WPGYM allows PHP Local File Inclusion. This issue affects...