Filtered by vendor Strategy11 Subscriptions
Total 24 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-10013 1 Strategy11 1 Awp Classifieds 2024-11-21 N/A
SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action.
CVE-2014-10012 1 Strategy11 1 Awp Classifieds 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
CVE-2017-20194 1 Strategy11 2 Formidable Form Builder, Formidable Forms 2024-10-31 5.3 Medium
The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frm_forms_preview AJAX action. This makes it possible for unauthenticated attackers to export all of the form entries for a given form.
CVE-2017-20192 1 Strategy11 1 Formidable Forms 2024-10-16 8.3 High
The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters submitted during form entries like 'after_html' in versions before 2.05.03 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser.