Etoilewebdesign
etoilewebdesign
26 CVEs • 6 products
Products (6)
Click to collapseToggle
Products (6)
Click to collapse
CVEs (26)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Etoilewebdesign 1Ultimate Faq Nov 21, 2024 Jan 16, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Ultimate FAQ plugin before 1.8.30 for WordPress allows XSS via Display_FAQ to Shortcodes/DisplayFAQs.php. |
1Etoilewebdesign 1Ultimate Faq Nov 21, 2024 Oct 7, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection. |
Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import. |
1Etoilewebdesign 1Ultimate Faq Nov 21, 2024 Aug 27, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The ultimate-faqs plugin before 1.8.22 for WordPress has XSS. |
1Etoilewebdesign 1Ultimate Product Catalog May 13, 2026 Aug 2, 2017 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has XSS in the Add Product Manually component. |
1Etoilewebdesign 1Ultimate Product Catalog May 13, 2026 Aug 2, 2017 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The Etoile Ultimate Product Catalog plugin 4.2.11 for WordPress has SQL injection with these wp-admin/admin-ajax.php POST actions: catalogue_update_order list-item, video_update_order video-item, image_update_order list-...Show more |