A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The manipulation of the argument phone leads to sql injection. This product does not use versioning. This …

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Royal WooCommerce Maintenance Mode woocommerce-maintenance-mode allows Reflected XSS.This issue affects WooCommerce Maintenance Mode: from n/a through <= 2.0.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marian Heddesheimer Extra Privacy for Elementor extra-privacy-for-elementor allows Reflected XSS.This issue affects Extra Privacy for Elementor: from n/a through <= 0.1.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fifthsegment DocumentPress documentpress-display-any-document-on-your-site allows Reflected XSS.This issue affects DocumentPress: from n/a through <= 2.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coub Coub coub allows DOM-Based XSS.This issue affects Coub: from n/a through <= 1.4.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CampusExplorer Campus Explorer Widget campus-explorer-widget allows Reflected XSS.This issue affects Campus Explorer Widget: from n/a through <= 1.4.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lew Ayotte leenk.me leenkme allows Reflected XSS.This issue affects leenk.me: from n/a through <= 2.16.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webgensis Simple Load More simple-load-more allows Reflected XSS.This issue affects Simple Load More: from n/a through <= 1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elenkadark uCAT – Next Story ucat-next-story allows Reflected XSS.This issue affects uCAT – Next Story: from n/a through <= 2.0.0.

The Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's newsletters_video shortcode in all versions up to, and including, 4.9.9.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticat…