Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (55 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2022-0424 1 Supsystic 1 Popup 2024-11-21 5.3 Medium
The Popup by Supsystic WordPress plugin before 1.10.9 does not have any authentication and authorisation in an AJAX action, allowing unauthenticated attackers to call it and get the email addresses of subscribed users
CVE-2021-46782 1 Supsystic 1 Price Table 2024-11-21 6.1 Medium
The Pricing Table by Supsystic WordPress plugin before 1.9.5 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
CVE-2021-46780 1 Supsystic 1 Easy Google Maps 2024-11-21 6.1 Medium
The Easy Google Maps WordPress plugin before 1.9.32 does not escape the tab parameter before outputting it back in an attribute in the admin dashboard, leading to a Reflected Cross-Site Scripting
CVE-2021-24276 1 Supsystic 1 Contact Form 2024-11-21 6.1 Medium
The Contact Form by Supsystic WordPress plugin before 1.7.15 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
CVE-2021-24275 1 Supsystic 1 Popup 2024-11-21 6.1 Medium
The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
CVE-2021-24274 1 Supsystic 1 Ultimate Maps 2024-11-21 6.1 Medium
The Ultimate Maps by Supsystic WordPress plugin before 1.2.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue
CVE-2020-9394 1 Supsystic 1 Pricing Table By Supsystic 2024-11-21 8.8 High
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows CSRF.
CVE-2020-9393 1 Supsystic 1 Pricing Table By Supsystic 2024-11-21 6.1 Medium
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allows XSS.
CVE-2020-9392 1 Supsystic 1 Pricing Table By Supsystic 2024-11-21 7.3 High
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table.
CVE-2020-12076 1 Supsystic 1 Data Tables Generator 2024-11-21 8.8 High
The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks for AJAX actions. One consequence of this is stored XSS.
CVE-2020-12075 1 Supsystic 1 Data Tables Generator 2024-11-21 8.8 High
The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions.
CVE-2017-18512 1 Supsystic 1 Newsletter By Supsystic 2024-11-21 N/A
The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF.
CVE-2016-10918 1 Supsystic 1 Photo Gallery 2024-11-21 N/A
The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF.
CVE-2016-10915 1 Supsystic 1 Popup 2024-11-21 N/A
The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF.
CVE-2024-47330 1 Supsystic 2 Slider, Social Share Buttons 2024-10-02 4.3 Medium
Missing Authorization vulnerability in Supsystic Slider by Supsystic, Supsystic Social Share Buttons by Supsystic.This issue affects Slider by Supsystic: from n/a through 1.8.6; Social Share Buttons by Supsystic: from n/a through 2.2.9.