4.3
CVE-2024-49628 - WordPress Most And Least Read Posts Widget plugin <= 2.5.18 - Cross Site Request Forgery (CSRF) vulβ¦
Cross-Site Request Forgery (CSRF) vulnerability in whiletrue Most And Least Read Posts Widget most-and-least-read-posts-widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through <= 2.5.18.
7.1
CVE-2024-49335 - WordPress GoogleDrive folder list plugin <= 2.2.2 - CSRF to Stored Cross Site Scripting (XSS) vulneβ¦
Cross-Site Request Forgery (CSRF) vulnerability in sh4d0w28 GoogleDrive folder list googledrive-folder-list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through <= 2.2.2.
7.1
CVE-2024-49605 - WordPress Community Lite Video Chat plugin <= 2.2 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Stefan Nour AVChat Video Chat avchat-3 allows Stored XSS.This issue affects AVChat Video Chat: from n/a through <= 2.2.
7.1
CVE-2024-49629 - WordPress Endless Posts Navigation plugin <= 2.2.7 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through <= 2.2.7.
8.5
CVE-2024-47325 - WordPress Multiple Page Generator Plugin β MPG plugin <= 3.4.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle MPG multiple-pages-generator-by-porthas allows SQL Injection.This issue affects MPG: from n/a through <= 3.4.7.
8.5
CVE-2024-49609 - WordPress Author Discussion plugin <= 0.2.2 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion author-discussion allows Blind SQL Injection.This issue affects Author Discussion: from n/a through <= 0.2.2.
8.5
CVE-2024-49612 - WordPress SW Contact Form plugin <= 1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sanjeev SW Contact Form sw-contact-form allows Blind SQL Injection.This issue affects SW Contact Form: from n/a through <= 1.0.
8.5
CVE-2024-49613 - WordPress Simple Code Insert Shortcode plugin <= 1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in developersnote Simple Code Insert Shortcode simple-code-insert-shortcode allows SQL Injection.This issue affects Simple Code Insert Shortcode: from n/a through <= 1.0.
8.5
CVE-2024-49614 - WordPress SermonAudio Widgets plugin <= 1.9.3 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SermonAudio SermonAudio Widgets sermonaudio-widgets allows SQL Injection.This issue affects SermonAudio Widgets: from n/a through <= 1.9.3.
8.2
CVE-2024-49615 - WordPress SafetyForms plugin <= 1.0.0 - CSRF to SQL Injection vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms safetymails-forms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through <= 1.0.0.