Cross-Site Request Forgery (CSRF) vulnerability in LIJE Show Pages List show-pages-list allows Cross Site Request Forgery.This issue affects Show Pages List: from n/a through <= 1.2.0.

Cross-Site Request Forgery (CSRF) vulnerability in Bage Flexible FAQ flexible-faq allows Cross Site Request Forgery.This issue affects Flexible FAQ: from n/a through <= 0.2.

Cross-Site Request Forgery (CSRF) vulnerability in Fastly Fastly fastly allows Cross Site Request Forgery.This issue affects Fastly: from n/a through <= 1.2.28.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in leeshadle Draft website-builder allows Stored XSS.This issue affects Draft: from n/a through <= 3.0.9.

Cross-Site Request Forgery (CSRF) vulnerability in Bytes.co WP Compiler wp-compiler allows Cross Site Request Forgery.This issue affects WP Compiler: from n/a through <= 1.0.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nextendweb Nextend Facebook Connect nextend-facebook-connect allows Stored XSS.This issue affects Nextend Facebook Connect : from n/a through <= 3.1.19.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webvitaly Page-list page-list allows Stored XSS.This issue affects Page-list: from n/a through <= 5.8.

Missing Authorization vulnerability in Sumit Singh Classic Widgets with Block-based Widgets classic-widgets-with-block-based-widgets allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Classic Widgets with Block-based Widgets: from n/a through <= 1.0.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aum Watcharapon Designil PDPA Thailand pdpa-thailand allows Stored XSS.This issue affects Designil PDPA Thailand: from n/a through <= 2.0.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpo-HR NGG Smart Image Search ngg-smart-image-search allows Stored XSS.This issue affects NGG Smart Image Search: from n/a through <= 3.4.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in termageddon Termageddon: Cookie Consent & Privacy Compliance termageddon-usercentrics allows Stored XSS.This issue affects Termageddon: Cookie Consent & Privacy Compliance: from n/a through <= 1.8.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in averta Master Slider master-slider allows Stored XSS.This issue affects Master Slider: from n/a through <= 3.11.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in akdevs Genealogical Tree genealogical-tree allows Stored XSS.This issue affects Genealogical Tree: from n/a through <= 2.2.7.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maxpagels ShortCode shortcode allows Stored XSS.This issue affects ShortCode: from n/a through <= 0.8.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in douglaskarr List Child Pages Shortcode list-child-pages-shortcode allows Stored XSS.This issue affects List Child Pages Shortcode: from n/a through <= 1.3.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress theatre allows Stored XSS.This issue affects Theater for WordPress: from n/a through <= 0.18.8.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Search Atlas Group Search Atlas SEO metasync allows Stored XSS.This issue affects Search Atlas SEO: from n/a through <= 2.5.4.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard Leishman Mail Subscribe List mail-subscribe-list allows Stored XSS.This issue affects Mail Subscribe List: from n/a through <= 2.1.10.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bdthemes Ultimate Store Kit Elementor Addons ultimate-store-kit allows Stored XSS.This issue affects Ultimate Store Kit Elementor Addons: from n/a through <= 2.8.6.

Missing Authorization vulnerability in Codexpert, Inc CF7 Submissions cf7-submissions allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Submissions: from n/a through <= 0.26.

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Ays Pro Quiz Maker quiz-maker allows Retrieve Embedded Sensitive Data.This issue affects Quiz Maker: from n/a through <= 6.7.0.65.

Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker quiz-maker allows Cross Site Request Forgery.This issue affects Quiz Maker: from n/a through <= 6.7.0.64.

Cross-Site Request Forgery (CSRF) vulnerability in pebas CouponXxL couponxxl allows Privilege Escalation.This issue affects CouponXxL: from n/a through <= 4.5.0.

Authorization Bypass Through User-Controlled Key vulnerability in Alex Content Mask content-mask allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Content Mask: from n/a through <= 1.8.5.3.

Server-Side Request Forgery (SSRF) vulnerability in Alex Content Mask content-mask allows Server Side Request Forgery.This issue affects Content Mask: from n/a through <= 1.8.5.2.