Vulnerabilities > Tipsandtricks HQ

DATE CVE VULNERABILITY TITLE RISK
2020-10-21 CVE-2020-5650 Cross-site Scripting vulnerability in Tipsandtricks-Hq Simple Download Monitor
Cross-site scripting vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
network
low complexity
tipsandtricks-hq CWE-79
6.1
2019-09-12 CVE-2019-5993 Cross-Site Request Forgery (CSRF) vulnerability in Tipsandtricks-Hq Category Specific RSS Feed Subscription
Cross-site request forgery (CSRF) vulnerability in Category Specific RSS feed Subscription version v2.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
network
low complexity
tipsandtricks-hq CWE-352
8.8
2019-08-14 CVE-2016-10888 SQL Injection vulnerability in Tipsandtricks-Hq ALL in ONE WP Security & Firewall
The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues.
network
low complexity
tipsandtricks-hq CWE-89
critical
9.8
2019-08-14 CVE-2016-10887 SQL Injection vulnerability in Tipsandtricks-Hq ALL in ONE WP Security & Firewall
The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues.
network
low complexity
tipsandtricks-hq CWE-89
critical
9.8
2019-08-14 CVE-2015-9310 SQL Injection vulnerability in Tipsandtricks-Hq ALL in ONE WP Security & Firewall
The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues.
network
low complexity
tipsandtricks-hq CWE-89
critical
9.8
2019-08-13 CVE-2016-10867 Cross-site Scripting vulnerability in Tipsandtricks-Hq ALL in ONE WP Security & Firewall
The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages.
network
low complexity
tipsandtricks-hq CWE-79
6.1
2019-08-13 CVE-2016-10866 Cross-site Scripting vulnerability in Tipsandtricks-Hq ALL in ONE WP Security & Firewall
The all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPress has multiple XSS issues.
network
low complexity
tipsandtricks-hq CWE-79
6.1
2019-08-13 CVE-2016-10868 Cross-site Scripting vulnerability in Tipsandtricks-Hq ALL in ONE WP Security & Firewall
The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages.
network
low complexity
tipsandtricks-hq CWE-79
6.1
2019-08-13 CVE-2015-9294 Cross-site Scripting vulnerability in Tipsandtricks-Hq ALL in ONE WP Security & Firewall
The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances.
network
low complexity
tipsandtricks-hq CWE-79
6.1
2019-08-13 CVE-2015-9293 Cross-site Scripting vulnerability in Tipsandtricks-Hq ALL in ONE WP Security & Firewall
The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature.
network
low complexity
tipsandtricks-hq CWE-79
6.1