For providers

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Constantin Boiangiu Vimeotheque allows SQL Injection. This issue affects Vimeotheque:...

Missing Authorization vulnerability in Shahjada Live Forms allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Live Forms: from n/a through 4.8.4.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in smackcoders Lead Form Data Collection to CRM allows Blind SQL Injection. This issue...

Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla ValidateCertify allows Cross Site Request Forgery. This issue affects ValidateCertify: from n/a through 1.6.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Addons for Elementor allows Stored XSS. This issue affects SKT...

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in listamester Listamester allows Stored XSS. This issue affects Listamester: from n/a...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RadiusTheme The Post Grid allows PHP Local File Inclusion. This...

Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou Hesabfa Accounting allows Cross Site Request Forgery. This issue affects Hesabfa Accounting: from n/a through 2.1.8.

Cross-Site Request Forgery (CSRF) vulnerability in Nks publish post email notification allows Cross Site Request Forgery. This issue affects publish post email notification: from n/a through 1.0.2.3.

Missing Authorization vulnerability in wpzita Z Companion allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Z Companion: from n/a through 1.0.13.