CVE ID : CVE-2024-13670 Published : Jan. 30, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : The Music Sheet Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘pn_msv’ shortcode in all versions up to, and including, 4.1 due to insufficient input sanitization and output escaping on user supplied attributes. […]
CVE ID : CVE-2024-13707 Published : Jan. 30, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : The WP Image Uploader plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the gky_image_uploader_main_function() function. This makes it possible […]
CVE ID : CVE-2024-13700 Published : Jan. 30, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : The Embed Swagger UI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘wpsgui’ shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. […]
CVE ID : CVE-2024-13671 Published : Jan. 30, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : The Music Sheet Viewer plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 4.1 via the read_score_file() function. This makes it possible for unauthenticated attackers to read the contents of arbitrary […]
CVE ID : CVE-2024-13664 Published : Jan. 30, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : The WP Post List Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘wpb_post_list_table’ shortcode in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on user supplied […]
CVE ID : CVE-2024-13661 Published : Jan. 30, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : The Table Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin’s ‘wptableeditor_vtabs’ shortcode in all versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This […]
CVE ID : CVE-2024-13652 Published : Jan. 30, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : The ECPay Ecommerce for WooCommerce plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ‘clear_ecpay_debug_log’ AJAX action in all versions up to, and including, 1.1.2411060. This makes it possible […]
CVE ID : CVE-2024-13646 Published : Jan. 30, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : The Single-user-chat plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the ‘single_user_chat_update_login’ function in all versions up to, and including, 0.5. This makes […]
CVE ID : CVE-2024-13596 Published : Jan. 30, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : The WordPress Survey & Poll – Quiz, Survey and Poll Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the ‘id’ attribute of the ‘survey’ shortcode in all versions up to, and including, 1.7.5 due […]
CVE ID : CVE-2024-13549 Published : Jan. 30, 2025, 2:15 p.m. | 1 hour, 53 minutes ago Description : The All Bootstrap Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the “Accordion” widget in all versions up to, and including, 1.3.26 due to insufficient input sanitization and output escaping. This makes it possible for […]
Unit A5, Endeavour Business Park
Penner Road, Havant
PO9 1QN
Company Registration Number: 5334133
Company VAT Number: 855 7246 95
