Known Vulnerabilities for products from Awplife
Listed below are 14 of the newest known vulnerabilities associated with the vendor "Awplife".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2024-5638 json | The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'ti_customi... | Not Provided | 2024-06-08 | 2026-04-08 |
| CVE-2024-5613 json | The Formula theme for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘id’ parameter in the 'quality_cu... | Not Provided | 2024-06-08 | 2026-04-08 |
| CVE-2024-1895 json | The Event Monster – Event Management, Tickets Booking, Upcoming Event plugin for WordPress is vulnerable to PHP Object Inje... | Not Provided | 2024-04-30 | 2026-04-08 |
| CVE-2024-1859 json | The Slider Responsive Slideshow – Image slider, Gallery slideshow plugin for WordPress is vulnerable to PHP Object Injectio... | Not Provided | 2024-03-01 | 2026-04-08 |
| CVE-2024-1475 json | The Coming Soon Maintenance Mode plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, ... | Not Provided | 2024-02-29 | 2026-04-08 |
| CVE-2023-23646 json | Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Album Gallery – WordPress Gallery plugin <= 1.4.9 versions. | 8.8 - HIGH | 2023-07-17 | 2023-07-26 |
| CVE-2023-5295 json | The Comments by Startbit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'vivafbcomment' shortcode in v... | Not Provided | 2023-09-30 | 2026-04-08 |
| CVE-2023-5291 json | The Blog Filter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'AWL-BlogFilter' shortcode in versions ... | Not Provided | 2023-10-04 | 2026-04-08 |
| CVE-2022-3720 json | The Event Monster WordPress plugin before 1.2.0 does not validate and escape some parameters before using them in SQL stateme... | 7.2 - HIGH | 2022-11-21 | 2023-11-07 |
| CVE-2022-3336 json | The Event Monster WordPress plugin before 1.2.0 does not have CSRF check when deleting visitors, which could allow attackers ... | 4.3 - MEDIUM | 2022-11-21 | 2023-11-07 |
| CVE-2021-24709 json | The Weather Effect WordPress plugin before 1.3.6 does not properly validate and escape some of its settings (like *_size_leaf... | 4.8 - MEDIUM | 2021-10-11 | 2021-10-15 |
| CVE-2021-24683 json | The Weather Effect WordPress plugin before 1.3.4 does not have any CSRF checks in place when saving its settings, and do not ... | 5.4 - MEDIUM | 2021-10-11 | 2022-11-09 |
| CVE-2021-24529 json | The Grid Gallery – Photo Image Grid Gallery WordPress plugin before 1.2.5 does not properly sanitize the title field for im... | 5.4 - MEDIUM | 2021-08-23 | 2023-11-07 |
| CVE-2019-17072 json | The new-contact-form-widget (aka Contact Form Widget - Contact Query, Form Maker) plugin 1.0.9 for WordPress has SQL Injectio... | 9.8 - CRITICAL | 2019-10-10 | 2019-10-10 |
Known software with vulnerabilities from Awplife
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Awplife | Contact Form Widget | 1.0.10 |