Known vulnerabilities in modules and components for cms

Forum & blogging software

CMS

Modules and components for CMS

CRM systems

Cryptocurrency software

E-Commerce systems

Remote management & hosting panels

JS libraries

Other software

Webmail solutions

Missing Authorization in Modules extension for TYPO313 Nov, 2025
High Patched

Server-Side Request Forgery (SSRF) in Forms Export extension for TYPO313 Nov, 2025
Medium Patched

Cross-site request forgery in Publish approval plugin for WordPress07 Nov, 2025
Low Not Patched

Cross-site request forgery in Side Slide Responsive Menu plugin for WordPress07 Nov, 2025
Low Not Patched

Cross-site request forgery in User Sync – Remote User Sync plugin for WordPress07 Nov, 2025
Low Patched

Multiple vulnerabilities in The Hack Repair Guy's Plugin Archiver plugin for WordPress07 Nov, 2025
Low Patched

Stored cross-site scripting in Appointmind plugin for WordPress07 Nov, 2025
Low Patched

Cross-site request forgery in Seo Monster plugin for WordPress06 Nov, 2025
Low Not Patched

Cross-site request forgery in Run Log plugin for WordPress06 Nov, 2025
Low Patched

Cross-site scripting in OctoPrint06 Nov, 2025
Low Patched

Open redirect in Datasette06 Nov, 2025
Medium Patched

Improper access control in Email TFA module for Drupal06 Nov, 2025
Medium Patched

Cross-site scripting in Simple multi step form module for Drupal06 Nov, 2025
Low Patched

Cross-site scripting in KKProgressbar2 Free WordPress plugin06 Nov, 2025
Medium Patched

Denial of service via SSRF in Parse Server05 Nov, 2025
Medium Patched

Stored cross-site scripting in Smart Table Builder plugin for WordPress05 Nov, 2025
Low Patched

Stored cross-site scripting in Admin Menu Editor plugin for WordPress05 Nov, 2025
Low Patched

Cross-site request forgery in PopAd plugin for WordPress05 Nov, 2025
Low Not Patched

SQL injection in GLPI Inventory plugin04 Nov, 2025
High Patched

Cross-site request forgery in PayPal Forms plugin for WordPress04 Nov, 2025
Low Not Patched