Filtered by vendor Quadlayers Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-2361 1 Quadlayers 1 Wp Social Chat 2024-11-21 4.8 Medium
The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks.
CVE-2022-23982 1 Quadlayers 1 Perfect Brands For Woocommerce 2024-11-21 4.3 Medium
The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure.
CVE-2022-23981 1 Quadlayers 1 Perfect Brands For Woocommerce 2024-11-21 4.3 Medium
The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4).
CVE-2019-15779 1 Quadlayers 1 Wp Social Feed Gallery 2024-11-21 N/A
The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete.
CVE-2024-39640 1 Quadlayers 1 Wp Social Feed Gallery 2024-11-01 6.5 Medium
Missing Authorization vulnerability in QuadLayers WP Social Feed Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Social Feed Gallery: from n/a through 4.3.9.
CVE-2021-4443 1 Quadlayers 1 Wordpress Mega Menu-quadmenu 2024-10-16 9.8 Critical
The WordPress Mega Menu plugin for WordPress is vulnerable to Arbitrary File Creation in versions up to, and including, 2.0.6 via the compiler_save AJAX action. This makes it possible for unauthenticated attackers to create arbitrary PHP files that can be used to execute malicious code.