← Back

Tipsandtricks Hq

tipsandtricks-hq

75 CVEs • 18 products

Products (18)

Click to collapse
Toggle
Wp Affiliate Platform
wp_affiliate_platform
11 CVEs
All In One Wp Security & Firewall
all_in_one_wp_security_&_firewall
10 CVEs
Wp Emember
wp_emember
10 CVEs
Simple Download Monitor
simple_download_monitor
9 CVEs
Wp Estore
wp_estore
8 CVEs
Wordpress Simple Paypal Shopping Cart
wordpress_simple_paypal_shopping_cart
7 CVEs
Category Specific Rss Feed Subscription
category_specific_rss_feed_subscription
3 CVEs
Software License Manager
software_license_manager
3 CVEs
Wp Video Lightbox
wp_video_lightbox
3 CVEs
Compact Wp Audio Player
compact_wp_audio_player
3 CVEs
Wp Security & Firewall
wp_security_&_firewall
1 CVE
Far Future Expiry Header
far_future_expiry_header
1 CVE
Wp Simple Adsense Insertion
wp_simple_adsense_insertion
1 CVE
Accept Stripe
accept_stripe
1 CVE
Donations Via Paypal
donations_via_paypal
1 CVE
Easy Accept Payments For Paypal
easy_accept_payments_for_paypal
1 CVE
Wp Express Checkout
wp_express_checkout
1 CVE
Simple Photo Gallery
simple_photo_gallery
1 CVE

CVEs (75)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-24665
1Tipsandtricks Hq
1Wp Video Lightbox
Nov 21, 2024
Aug 30, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
The WP Video Lightbox WordPress plugin before 1.9.3 does not escape the attributes of its shortcodes, allowing users with a role as low as contributor to perform Cross-Site Scripting attacks
CVE-2021-20782
1Tipsandtricks Hq
1Software License Manager
Nov 21, 2024
Jul 14, 2021
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in Software License Manager versions prior to 4.4.6 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2020-29171
1Tipsandtricks Hq
1Wp Security & Firewall
Nov 21, 2024
Feb 10, 2021
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in admin/wp-security-blacklist-menu.php in the Tips and Tricks HQ All In One WP Security & Firewall (all-in-one-wp-security-and-firewall) plugin before 4.4.6 for WordPress.
CVE-2020-5651
1Tipsandtricks Hq
1Simple Download Monitor
Nov 21, 2024
Oct 21, 2020
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
SQL injection vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to execute arbitrary SQL commands via a specially crafted URL.
CVE-2020-5650
1Tipsandtricks Hq
1Simple Download Monitor
Nov 21, 2024
Oct 21, 2020
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CVE-2019-5993
1Tipsandtricks Hq
1Category Specific Rss Feed Subscription
Nov 21, 2024
Sep 12, 2019
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in Category Specific RSS feed Subscription version v2.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVE-2016-10888
1Tipsandtricks Hq
1All In One Wp Security & Firewall
Nov 21, 2024
Aug 14, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues.
CVE-2016-10887
1Tipsandtricks Hq
1All In One Wp Security & Firewall
Nov 21, 2024
Aug 14, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues.
CVE-2015-9310
1Tipsandtricks Hq
1All In One Wp Security & Firewall
Nov 21, 2024
Aug 14, 2019
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
The all-in-one-wp-security-and-firewall plugin before 3.9.1 for WordPress has multiple SQL injection issues.
CVE-2016-10867
1Tipsandtricks Hq
1All In One Wp Security & Firewall
Nov 21, 2024
Aug 13, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages.
CVE-2016-10866
1Tipsandtricks Hq
1All In One Wp Security & Firewall
Nov 21, 2024
Aug 13, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPress has multiple XSS issues.
CVE-2016-10868
1Tipsandtricks Hq
1All In One Wp Security & Firewall
Nov 21, 2024
Aug 13, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages.
CVE-2015-9294
1Tipsandtricks Hq
1All In One Wp Security & Firewall
Nov 21, 2024
Aug 13, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances.
CVE-2015-9293
1Tipsandtricks Hq
1All In One Wp Security & Firewall
Nov 21, 2024
Aug 13, 2019
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature.
CVE-2013-2705
1Tipsandtricks Hq
1Wordpress Simple Paypal Shopping Cart
May 6, 2026
May 13, 2014
N/A· v4
N/A· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in the WordPress Simple Paypal Shopping Cart plugin before 3.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change...Show more
Cross-site request forgery (CSRF) vulnerability in the WordPress Simple Paypal Shopping Cart plugin before 3.6 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings.Show less