For providers

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mlaza jAlbum Bridge allows DOM-Based XSS. This issue affects jAlbum Bridge: from n/a...

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Igor Benic Simple Giveaways allows SQL Injection. This issue affects Simple...

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in HT Plugins WishSuite allows PHP Local File Inclusion. This issue...

Missing Authorization vulnerability in otacke SNORDIAN's H5PxAPIkatchu allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects SNORDIAN's H5PxAPIkatchu: from...

Cross-Site Request Forgery (CSRF) vulnerability in Hakik Zaman Custom Login Logo allows Cross Site Request Forgery. This issue affects Custom Login Logo: from n/a through 1.1.7.

Cross-Site Request Forgery (CSRF) vulnerability in Boone Gorges Anthologize allows Cross Site Request Forgery. This issue affects Anthologize: from n/a through 0.8.2.

Missing Authorization vulnerability in Israpil Textmetrics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Textmetrics: from n/a through 3.6.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy IP Locator allows DOM-Based XSS. This issue affects IP Locator: from...

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.29.

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Themewinter WPCafe allows PHP Local File Inclusion. This issue...