Filtered by vendor Strategy11
Subscriptions
Total
24 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-10013 | 1 Strategy11 | 1 Awp Classifieds | 2024-11-21 | N/A |
SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action. | ||||
CVE-2014-10012 | 1 Strategy11 | 1 Awp Classifieds | 2024-11-21 | N/A |
Cross-site scripting (XSS) vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI. | ||||
CVE-2017-20194 | 1 Strategy11 | 2 Formidable Form Builder, Formidable Forms | 2024-10-31 | 5.3 Medium |
The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frm_forms_preview AJAX action. This makes it possible for unauthenticated attackers to export all of the form entries for a given form. | ||||
CVE-2017-20192 | 1 Strategy11 | 1 Formidable Forms | 2024-10-16 | 8.3 High |
The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters submitted during form entries like 'after_html' in versions before 2.05.03 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser. |