Filtered by vendor Web-dorado
Subscriptions
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-16164 | 1 Web-dorado | 1 Event Calendar Wd | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2018-10504 | 1 Web-dorado | 1 Form Maker | 2024-11-21 | N/A |
| The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection. | ||||
| CVE-2018-10301 | 1 Web-dorado | 1 Wd Instagram Feed | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post. | ||||
| CVE-2018-10300 | 1 Web-dorado | 1 Wd Instagram Feed | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in an Instagram profile's bio. | ||||
| CVE-2017-7719 | 1 Web-dorado | 1 Spider Event Calendar | 2024-11-21 | N/A |
| SQL injection in the Spider Event Calendar (aka spider-event-calendar) plugin before 1.5.52 for WordPress is exploitable with the order_by parameter to calendar_functions.php or widget_Theme_functions.php, related to front_end/frontend_functions.php. | ||||
| CVE-2017-2224 | 1 Web-dorado | 1 Event Calendar Wd | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2015-2798 | 1 Web-dorado | 1 Contact Form Maker | 2024-11-21 | N/A |
| SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter. | ||||