Vulnerabilities > Vsourz

DATE	CVE	VULNERABILITY TITLE	RISK
2024-07-22	CVE-2024-37245	Cross-site Scripting vulnerability in Vsourz ALL in ONE Redirection Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vsourz Digital All In One Redirection allows Reflected XSS.This issue affects All In One Redirection: from n/a through 2.2.0. network low complexity vsourz CWE-79	6.1
2023-11-12	CVE-2023-28167	Cross-Site Request Forgery (CSRF) vulnerability in Vsourz CF7 Invisible Recaptcha Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Digital CF7 Invisible reCAPTCHA plugin <= 1.3.3 versions. network low complexity vsourz CWE-352	8.8
2023-07-10	CVE-2023-2493	Unspecified vulnerability in Vsourz ALL in ONE Redirection The All In One Redirection WordPress plugin before 2.2.0 does not properly sanitise and escape multiple parameters before using them in an SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. network low complexity vsourz	7.2
2023-02-13	CVE-2022-45285	Cross-site Scripting vulnerability in Vsourz Advanced CF7 DB 1.7.2/1.9.1 Vsourz Digital Advanced Contact form 7 DB Versions 1.7.2 and 1.9.1 is vulnerable to Cross Site Scripting (XSS). network low complexity vsourz CWE-79	6.1
2022-05-25	CVE-2022-29408	Cross-site Scripting vulnerability in Vsourz Advanced CF7 DB Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital's Advanced Contact form 7 DB plugin <= 1.8.7 at WordPress. network vsourz CWE-79	4.3
2022-03-21	CVE-2021-24905	Cross-Site Request Forgery (CSRF) vulnerability in Vsourz Advanced CF7 DB The Advanced Contact form 7 DB WordPress plugin before 1.8.7 does not have authorisation nor CSRF checks in the acf7_db_edit_scr_file_delete AJAX action, and does not validate the file to be deleted, allowing any authenticated user to delete arbitrary files on the web server. network low complexity vsourz CWE-352	8.0
2019-09-09	CVE-2018-21012	Cross-site Scripting vulnerability in Vsourz CF7 Invisible Recaptcha The cf7-invisible-recaptcha plugin before 1.3.2 for WordPress has XSS. network low complexity vsourz CWE-79	6.1
2019-07-29	CVE-2019-13571	SQL Injection vulnerability in Vsourz Advanced CF7 DB A SQL injection vulnerability exists in the Vsourz Digital Advanced CF7 DB plugin through 1.6.1 for WordPress. network low complexity vsourz CWE-89 critical	9.8

Vulnerabilities > Vsourz {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Vsourz"}]}

Vulnerabilities > Vsourz