Vulnerabilities > Vektor INC

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-13	CVE-2024-52268	Cross-site Scripting vulnerability in Vektor-Inc VK ALL in ONE Expansion Unit Cross-site scripting vulnerability exists in VK All in One Expansion Unit versions prior to 9.100.1.0. network low complexity vektor-inc CWE-79	4.8
2024-07-20	CVE-2024-37956	Cross-site Scripting vulnerability in Vektor-Inc VK ALL in ONE Expansion Unit Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vektor,Inc. network low complexity vektor-inc CWE-79	5.4
2024-01-20	CVE-2024-0623	Cross-Site Request Forgery (CSRF) vulnerability in Vektor-Inc VK Block Patterns The VK Block Patterns plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.31.1.1. network low complexity vektor-inc CWE-352	4.3
2023-11-22	CVE-2023-5706	Cross-site Scripting vulnerability in Vektor-Inc VK Blocks The VK Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vk-blocks/ancestor-page-list' block in all versions up to, and including, 1.63.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity vektor-inc CWE-79	5.4
2023-10-27	CVE-2023-5705	Unspecified vulnerability in Vektor-Inc VK Filter Search The VK Filter Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vk_filter_search' shortcode in all versions up to, and including, 2.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity vektor-inc	5.4
2023-06-03	CVE-2023-0583	Unspecified vulnerability in Vektor-Inc VK Blocks The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_vk_blocks_options' function in versions up to, and including, 1.57.0.5. network low complexity vektor-inc	4.3
2023-06-03	CVE-2023-0584	Unspecified vulnerability in Vektor-Inc VK Blocks The VK Blocks plugin for WordPress is vulnerable to improper authorization via the REST 'update_options' function in versions up to, and including, 1.57.0.5. network low complexity vektor-inc	4.3
2023-05-23	CVE-2023-27923	Cross-site Scripting vulnerability in Vektor-Inc VK Blocks Cross-site scripting vulnerability in Tag edit function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. network low complexity vektor-inc CWE-79	5.4
2023-05-23	CVE-2023-27925	Cross-site Scripting vulnerability in Vektor-Inc VK Blocks Cross-site scripting vulnerability in Post function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script. network low complexity vektor-inc CWE-79	5.4
2023-05-23	CVE-2023-27926	Cross-site Scripting vulnerability in Vektor-Inc VK ALL in ONE Expansion Unit Cross-site scripting vulnerability in Profile setting function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script. network low complexity vektor-inc CWE-79	5.4

Vulnerabilities > Vektor INC {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Vektor INC"}]}

Vulnerabilities > Vektor INC