Show filters
221 Total Results
Displaying 11-20 of 221
Sort by:
Attacker Value
Unknown
CVE-2025-22503
Disclosure Date: January 07, 2025 (last updated January 08, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Digital Zoom Studio Admin debug wordpress – enable debug allows Cross Site Request Forgery.This issue affects Admin debug wordpress – enable debug: from n/a through 1.0.13.
0
Attacker Value
Unknown
CVE-2024-30424
Disclosure Date: November 19, 2024 (last updated January 05, 2025)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPZOOM Beaver Builder Addons by WPZOOM allows Stored XSS.This issue affects Beaver Builder Addons by WPZOOM: from n/a through 1.3.4.
0
Attacker Value
Unknown
CVE-2024-45422
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access.
0
Attacker Value
Unknown
CVE-2024-45420
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Uncontrolled resource consumption in some Zoom Apps before version 6.2.0 may allow an authenticated user to conduct a denial of service via network access.
0
Attacker Value
Unknown
CVE-2024-45419
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.
0
Attacker Value
Unknown
CVE-2024-51848
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Digital Zoom Studio Parallaxer allows Stored XSS.This issue affects Parallaxer: from n/a through 1.00.
0
Attacker Value
Unknown
CVE-2024-43293
Disclosure Date: November 01, 2024 (last updated November 13, 2024)
Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through 3.3.1.
0
Attacker Value
Unknown
CVE-2021-4449
Disclosure Date: October 16, 2024 (last updated October 31, 2024)
The ZoomSounds plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'savepng.php' file in versions up to, and including, 5.96. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
0
Attacker Value
Unknown
CVE-2024-9027
Disclosure Date: September 25, 2024 (last updated October 03, 2024)
The WPZOOM Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'box' shortcode in all versions up to, and including, 1.0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
0
Attacker Value
Unknown
CVE-2024-8276
Disclosure Date: August 31, 2024 (last updated September 14, 2024)
The WPZOOM Portfolio Lite – Filterable Portfolio Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:wpzoom-blocks' Gutenberg block in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
0