|
3441
|
8.2 |
HIGH
Network
|
-
|
-
|
Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id'…
|
CWE-89
SQL Injection
|
CVE-2016-20073
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3442
|
8.2 |
HIGH
Network
|
-
|
-
|
BBS e-Franchise 1.1.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the uid p…
|
CWE-89
SQL Injection
|
CVE-2016-20072
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3443
|
8.2 |
HIGH
Network
|
-
|
-
|
The 404 Redirection Manager plugin version 1.0 for WordPress contains an unauthenticated SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicio…
|
CWE-89
SQL Injection
|
CVE-2016-20071
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3444
|
6.4 |
MEDIUM
Network
|
-
|
-
|
WordPress Booking Calendar Contact Form 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject malicio…
|
CWE-79
Cross-site Scripting
|
CVE-2016-20070
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3445
|
8.2 |
HIGH
Network
|
-
|
-
|
WordPress Booking Calendar Contact Form 1.0.23 contains an unauthenticated blind SQL injection vulnerability in the shortcode function that fails to sanitize the calendar parameter before using it in…
|
CWE-89
SQL Injection
|
CVE-2016-20069
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3446
|
8.2 |
HIGH
Network
|
-
|
-
|
WordPress Booking Calendar Contact Form version 1.0.23 contains an unauthenticated blind SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicio…
|
CWE-89
SQL Injection
|
CVE-2016-20068
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3447
|
4.3 |
MEDIUM
Network
|
-
|
-
|
WordPress CP Polls 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML…
|
CWE-352
Origin Validation Error
|
CVE-2016-20067
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3448
|
7.2 |
HIGH
Network
|
-
|
-
|
WordPress CP Polls 1.0.8 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unsanitized file upload functionality. Attackers can upload…
|
CWE-79
Cross-site Scripting
|
CVE-2016-20066
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3449
|
6.5 |
MEDIUM
Network
|
microsoft
|
visual_studio_code
|
Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network.
|
CWE-23
Relative Path Traversal
|
CVE-2026-47287
|
2026-06-15 23:15 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3450
|
6.5 |
MEDIUM
Network
|
microsoft
|
visual_studio_code
|
Exposure of sensitive information to an unauthorized actor in Visual Studio Code allows an unauthorized attacker to disclose information over a network.
|
CWE-200 NVD-CWE-noinfo
Information Exposure
|
CVE-2026-47284
|
2026-06-15 23:15 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|