Known Vulnerabilities for products from Tipsandtricks-hq

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Tipsandtricks-hq".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2021-24799 The Far Future Expiry Header WordPress plugin before 1.5 does not have CSRF check when saving its settings, which could allow... 4.3 - MEDIUM 2021-11-01 2021-11-02
CVE-2021-24735 The Compact WP Audio Player WordPress plugin before 1.9.7 does not implement nonce checks, which could allow attackers to mak... 6.5 - MEDIUM 2021-10-18 2021-10-22
CVE-2021-24734 The Compact WP Audio Player WordPress plugin before 1.9.7 does not escape some of its shortcodes attributes, which could allo... 5.4 - MEDIUM 2021-10-18 2021-10-21
CVE-2021-24711 The del_reistered_domains AJAX action of the Software License Manager WordPress plugin before 4.5.1 does not have any CSRF ch... 8.8 - HIGH 2021-10-11 2021-10-15
CVE-2021-24698 The Simple Download Monitor WordPress plugin before 3.9.6 allows users with a role as low as Contributor to remove thumbnails... 4.3 - MEDIUM 2021-11-08 2021-11-11
CVE-2021-24697 The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the 1) sdm_active_tab GET parameter and 2) sdm_stat... 6.1 - MEDIUM 2021-11-08 2021-11-11
CVE-2021-24695 The Simple Download Monitor WordPress plugin before 3.9.6 saves logs in a predictable location, and does not have any authent... 7.5 - HIGH 2021-11-08 2021-11-10
CVE-2021-24693 The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the "File Thumbnail" post meta before outputting it... 9 - CRITICAL 2021-11-08 2021-11-10
CVE-2021-24665 The WP Video Lightbox WordPress plugin before 1.9.3 does not escape the attributes of its shortcodes, allowing users with a r... 5.4 - MEDIUM 2021-08-30 2021-09-02
CVE-2021-24560 The Software License Manager WordPress plugin before 4.4.8 does not sanitise or escape the edit_record parameter before outpu... 6.1 - MEDIUM 2021-09-13 2021-09-23
CVE-2021-20782 Cross-site request forgery (CSRF) vulnerability in Software License Manager versions prior to 4.4.6 allows remote attackers t... 8.8 - HIGH 2021-07-14 2021-07-15
CVE-2020-29171 Cross-site scripting (XSS) vulnerability in admin/wp-security-blacklist-menu.php in the Tips and Tricks HQ All In One WP Secu... 6.1 - MEDIUM 2021-02-10 2021-02-11
CVE-2020-5651 SQL injection vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to execute arbitrary SQL com... 8.8 - HIGH 2020-10-21 2020-10-27
CVE-2020-5650 Cross-site scripting vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to inject an arbitrar... 6.1 - MEDIUM 2020-10-21 2020-10-27
CVE-2019-5993 Cross-site request forgery (CSRF) vulnerability in Category Specific RSS feed Subscription version v2.0 and earlier allows re... 8.8 - HIGH 2019-09-12 2019-09-16
CVE-2016-10888 The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues. 9.8 - CRITICAL 2019-08-14 2019-08-19
CVE-2016-10887 The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues. 9.8 - CRITICAL 2019-08-14 2019-08-19
CVE-2016-10868 The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file cha... 6.1 - MEDIUM 2019-08-13 2019-08-16
CVE-2016-10867 The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages. 6.1 - MEDIUM 2019-08-13 2020-02-09
CVE-2016-10866 The all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPress has multiple XSS issues. 6.1 - MEDIUM 2019-08-13 2019-08-15

Known software with vulnerabilities from Tipsandtricks-hq

Type Vendor Product Version
ApplicationTipsandtricks-hqAll In One Wp Security Amp Firewall-
ApplicationTipsandtricks-hqCategory Specific Rss Feed Subscription-
ApplicationTipsandtricks-hqSimple Download Monitor2.0
ApplicationTipsandtricks-hqWordpress Simple Paypal Shopping Cart1.2
ApplicationTipsandtricks-hqWp Security Amp Firewall1.0

Popular searches for "Tipsandtricks-hq"

Home - Tips and Tricks HQ

www.tipsandtricks-hq.com

Home - Tips and Tricks HQ We have been told that we make some pretty awesome WordPress plugins. Here at Tips and Tricks HQ, we publish practical and useful articles for web developers, WordPress admins and web masters. We have a range of WordPress plugins that can help you accept money from your customers and turn your site into an eCommerce or membership site. A huge shout out to the team at Tips and Tricks for providing the most fantastic, easy to use, robust plugins for WordPress.

www.tipsandtricks-hq.com/?ap_id=EdmontonPM www.tipsandtricks-hq.com/?ap_id=blondie11 www.tipsandtricks-hq.com/?ap_id=mbllc17 digitalaccesspass.com/wpestore.php WordPress Plug-in (computing) Windows Phone Usability Internet forum E-commerce Tips & Tricks (magazine) Copyright law of the United States Web development World Wide Web Awesome (window manager) Website Web developer Robustness (computer science) Sysop Data definition language Name-dropping Free software Blog Software

Privacy Policy

www.tipsandtricks-hq.com/privacy-policy

Privacy Policy Tips and Tricks HQ respects your privacy. At Tips and Tricks HQ, we are aware of the trust you place in us and our responsibility to protect your privacy. Below is a list of the information that Tips and Tricks HQ gathers, how its used, and how you can opt-out. Please contact us if you

Privacy Privacy policy Information Web browser HTTP cookie Opt-out Windows Phone Data Tips & Tricks (magazine) Website Comment (computer programming) IP address Email address Gravatar Database Plug-in (computing) Dedicated hosting service User agent Spamming Patch (computing)