December 13, 2021

Fortinet FortiOS up to 6.4.6/7.0.0 Local Privilege Escalation

A vulnerability classified as problematic has been found in Fortinet FortiOS up to 6.4.6/7.0.0 (Firewall Software). Upgrading to version 6.4.7

Common Vulnerabilities and Exposures

Advanced Custom Fields Plugin up to 5.10 on WordPress Database Browsing authorization

A vulnerability, which was classified as critical, was found in Advanced Custom Fields Plugin up to 5.10 on WordPress (WordPress

Common Vulnerabilities and Exposures

Advanced Custom Fields Plugin up to 5.10 on WordPress authorization

A vulnerability has been found in Advanced Custom Fields Plugin up to 5.10 on WordPress (WordPress Plugin) and classified as

Common Vulnerabilities and Exposures

Advanced Custom Fields Plugin up to 5.10 on WordPress Field Group authorization

A vulnerability was found in Advanced Custom Fields Plugin up to 5.10 on WordPress (WordPress Plugin) and classified as critical.

Common Vulnerabilities and Exposures

ToTop Link Plugin up to 1.7.1 on WordPress base64 User Input unserialize deserialization

A vulnerability was found in ToTop Link Plugin up to 1.7.1 on WordPress (WordPress Plugin). It has been classified as

Common Vulnerabilities and Exposures

Contact Form Advanced Database Plugin up to 1.0.8 on WordPress delete_cf7_data/export_cf7_data cross-site request forgery

A vulnerability was found in Contact Form Advanced Database Plugin up to 1.0.8 on WordPress (WordPress Plugin). It has been

Common Vulnerabilities and Exposures

WP Limits Plugin up to 1.0 on WordPress cross-site request forgery

A vulnerability was found in WP Limits Plugin up to 1.0 on WordPress (WordPress Plugin). It has been rated as

Common Vulnerabilities and Exposures

SEO Booster Plugin up to 3.7 on WordPress AJAX Request fn_my_ajaxified_dataloader_ajax sql injection

A vulnerability classified as critical has been found in SEO Booster Plugin up to 3.7 on WordPress (WordPress Plugin). Affected

Common Vulnerabilities and Exposures

Post Content Shortcode Plugin up to 1.0 on WordPress authorization

A vulnerability classified as problematic was found in Post Content Shortcode Plugin up to 1.0 on WordPress (WordPress Plugin). Affected

Common Vulnerabilities and Exposures

Improved Include Page Plugin up to 1.2 on WordPress Shortcode post_type/post_status access control

A vulnerability, which was classified as problematic, has been found in Improved Include Page Plugin up to 1.2 on WordPress

Common Vulnerabilities and Exposures

Mediamatic Plugin up to 2.7 on WordPress mediamaticAjaxRenameCategory categoryID sql injection

A vulnerability, which was classified as critical, was found in Mediamatic Plugin up to 2.7 on WordPress (WordPress Plugin). This

Common Vulnerabilities and Exposures

User Meta Shortcodes Plugin up to 0.5 on WordPress Parameter access control

A vulnerability has been found in User Meta Shortcodes Plugin up to 0.5 on WordPress (WordPress Plugin) and classified as

Common Vulnerabilities and Exposures

Quotes Collection Plugin up to 2.5.2 on WordPress bulkcheck sql injection

A vulnerability was found in Quotes Collection Plugin up to 2.5.2 on WordPress (WordPress Plugin) and classified as critical. This

Common Vulnerabilities and Exposures

WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots Plugin sql injection

A vulnerability was found in WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBots

Common Vulnerabilities and Exposures

Get Custom Field Values Plugin up to 3.x on WordPress authorization

A vulnerability was found in Get Custom Field Values Plugin up to 3.x on WordPress (WordPress Plugin). It has been

Common Vulnerabilities and Exposures

Modern Events Calendar Lite Plugin up to 6.1.4 on WordPress mec_load_single_page time sql injection

A vulnerability was found in Modern Events Calendar Lite Plugin up to 6.1.4 on WordPress (Calendar Software). It has been

Common Vulnerabilities and Exposures

LearnPress Plugin up to 4.1.3 on WordPress Parameter id sql injection

A vulnerability classified as critical has been found in LearnPress Plugin up to 4.1.3 on WordPress (WordPress Plugin). This affects

Common Vulnerabilities and Exposures

NEX-Forms Plugin up to 7.9.4 on WordPress Attribute cross site scripting

A vulnerability classified as problematic was found in NEX-Forms Plugin up to 7.9.4 on WordPress (WordPress Plugin). This vulnerability affects

Common Vulnerabilities and Exposures

WP System Log Plugin up to 1.0.20 on WordPress IP Address cross site scripting

A vulnerability, which was classified as problematic, has been found in WP System Log Plugin up to 1.0.20 on WordPress

Common Vulnerabilities and Exposures

Inspirational Quote Rotator Plugin up to 1.0.0 on WordPress cross site scripting

A vulnerability, which was classified as problematic, was found in Inspirational Quote Rotator Plugin up to 1.0.0 on WordPress (WordPress

Common Vulnerabilities and Exposures

Single Post Exporter Plugin up to 1.1.1 on WordPress cross-site request forgery

A vulnerability has been found in Single Post Exporter Plugin up to 1.1.1 on WordPress (WordPress Plugin) and classified as

Common Vulnerabilities and Exposures

WP Admin Logo Changer Plugin up to 1.0 on WordPress cross-site request forgery

A vulnerability was found in WP Admin Logo Changer Plugin up to 1.0 on WordPress (WordPress Plugin) and classified as

Common Vulnerabilities and Exposures

Ultimate NoFollow Plugin up to 1.4.8 on WordPress Attribute href cross site scripting

A vulnerability was found in Ultimate NoFollow Plugin up to 1.4.8 on WordPress (WordPress Plugin). It has been classified as

Common Vulnerabilities and Exposures

Temporary Login without Password Plugin up to 1.7.0 on WordPress cross-site request forgery

A vulnerability was found in Temporary Login without Password Plugin up to 1.7.0 on WordPress (WordPress Plugin). It has been

Day: December 13, 2021