Known Vulnerabilities for products from Tipsandtricks-hq
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Tipsandtricks-hq".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-22691 json | Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plu... | 8.8 - HIGH | 2023-05-03 | 2023-05-09 |
| CVE-2023-22685 json | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed S... | 4.8 - MEDIUM | 2023-05-12 | 2023-05-22 |
| CVE-2023-6497 json | The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the automatic redire... | Not Provided | 2024-01-27 | 2026-04-08 |
| CVE-2023-1469 json | The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ para... | 4.8 - MEDIUM | 2023-03-17 | 2023-11-07 |
| CVE-2023-1431 json | The WP Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and inclu... | 5.3 - MEDIUM | 2023-03-16 | 2023-11-07 |
| CVE-2023-0275 json | The Easy Accept Payments for PayPal WordPress plugin before 4.9.10 does not validate and escape some of its shortcode attribu... | 5.4 - MEDIUM | 2023-02-13 | 2023-11-07 |
| CVE-2022-47588 json | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tips and Tricks HQ, Pet... | 9.8 - CRITICAL | 2023-11-03 | 2023-11-13 |
| CVE-2022-44737 json | Multiple Cross-Site Request Forgery vulnerabilities in All-In-One Security (AIOS) – Security and Firewall (WordPress plugin... | 8.8 - HIGH | 2022-11-22 | 2023-11-07 |
| CVE-2022-4672 json | The WordPress Simple Shopping Cart WordPress plugin before 4.6.2 does not validate and escape some of its shortcode attribute... | 5.4 - MEDIUM | 2023-01-23 | 2023-11-07 |
| CVE-2022-4542 json | The Compact WP Audio Player WordPress plugin before 1.9.8 does not validate and escape some of its shortcode attributes befor... | 5.4 - MEDIUM | 2023-01-23 | 2023-11-07 |
| CVE-2022-4465 json | The WP Video Lightbox WordPress plugin before 1.9.7 does not validate and escape some of its shortcode attributes before outp... | 5.4 - MEDIUM | 2023-01-16 | 2023-11-07 |
| CVE-2022-3898 json | The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, ... | Not Provided | 2022-11-29 | 2026-04-08 |
| CVE-2022-3897 json | The WP Affiliate Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in version... | Not Provided | 2022-11-29 | 2026-04-08 |
| CVE-2022-3896 json | The WP Affiliate Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_SERVER["REQUEST_URI"] in... | Not Provided | 2022-11-29 | 2026-04-08 |
| CVE-2022-3822 json | The Donations via PayPal WordPress plugin before 1.9.9 does not sanitise and escape some of its settings, which could allow h... | 4.8 - MEDIUM | 2022-11-28 | 2023-11-07 |
| CVE-2022-2194 json | The Accept Stripe Payments WordPress plugin before 2.0.64 does not sanitize and escape some of its settings, allowing high pr... | 4.8 - MEDIUM | 2022-07-17 | 2022-07-18 |
| CVE-2022-2189 json | The WP Video Lightbox WordPress plugin before 1.9.5 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting i... | 6.1 - MEDIUM | 2022-07-25 | 2022-07-29 |
| CVE-2022-1695 json | The WP Simple Adsense Insertion WordPress plugin before 2.1 does not perform CSRF checks on updates to its admin page, allowi... | 4.3 - MEDIUM | 2022-06-08 | 2022-06-15 |
| CVE-2021-25102 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 4.7 - MEDIUM | 2022-05-02 | 2022-05-10 |
| CVE-2021-24799 json | The Far Future Expiry Header WordPress plugin before 1.5 does not have CSRF check when saving its settings, which could allow... | 4.3 - MEDIUM | 2021-11-01 | 2021-11-02 |
Known software with vulnerabilities from Tipsandtricks-hq
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Tipsandtricks-hq | All In One Wp Security Amp Firewall | - |
| Application | Tipsandtricks-hq | Category Specific Rss Feed Subscription | - |
| Application | Tipsandtricks-hq | Simple Download Monitor | 2.0 |
| Application | Tipsandtricks-hq | Wordpress Simple Paypal Shopping Cart | 1.2 |
| Application | Tipsandtricks-hq | Wp Security Amp Firewall | 1.0 |