Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Arture B.V. StoreContrl Woocommerce allows Path Traversal. This issue affects StoreContrl Woocommerce: from n/a through 4.1.3.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in taskbuilder Taskbuilder allows Blind SQL Injection. This issue affects Taskbuilder: from n/a through 4.0.1.

Missing Authorization vulnerability in jidaikobo Dashi allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Dashi: from n/a through 3.1.8.

Missing Authorization vulnerability in berthaai BERTHA AI allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects BERTHA AI: from n/a through 1.12.10.2.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Metagauss ProfileGrid allows SQL Injection. This issue affects ProfileGrid : from n/a through 5.9.4.8.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stylemix Cost Calculator Builder allows SQL Injection. This issue affects Cost Calculator Builder: from n/a through 3.2.65.

Deserialization of Untrusted Data vulnerability in bdthemes Ultimate Store Kit Elementor Addons allows Object Injection. This issue affects Ultimate Store Kit Elementor Addons: from n/a through 2.4.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Arigato Autoresponder and Newsletter allows Reflected XSS. This issue affects Arigato Autoresponder and Newsletter: from n/a through 2.7.2.4.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Quentn.com GmbH Quentn WP allows SQL Injection. This issue affects Quentn WP: from n/a through 1.2.8.

Weak Authentication vulnerability in Quentn.com GmbH Quentn WP allows Privilege Escalation. This issue affects Quentn WP: from n/a through 1.2.8.