Filtered by vendor Incsub
Subscriptions
Total
22 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-9455 | 1 Incsub | 1 Buddypress-activity-plus | 2024-11-21 | 8.1 High |
| The buddypress-activity-plus plugin before 1.6.2 for WordPress has CSRF with resultant directory traversal via the wp-admin/admin-ajax.php bpfb_photos[] parameter in a bpfb_remove_temp_images action. | ||||
| CVE-2024-45625 | 1 Incsub | 1 Forminator | 2024-09-12 | 6.1 Medium |
| Cross-site scripting vulnerability exists in Forminator versions prior to 1.34.1. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who follows a crafted URL and accesses the webpage with the web form created by Forminator. | ||||