Strategy11 CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Strategy11 Subscriptions

Search

Switch to Advanced Search (Beta)

Total 27 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-24179	1 Strategy11	1 Business Directory Plugin - Easy Listing Directories	2024-11-21	8.8 High
The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11 suffered from a Cross-Site Request Forgery issue, allowing an attacker to make a logged in administrator import files. As the plugin also did not validate uploaded files, it could lead to RCE.
CVE-2021-24178	1 Strategy11	1 Business Directory Plugin - Easy Listing Directories	2024-11-21	8.8 High
The Business Directory Plugin – Easy Listing Directories for WordPress WordPress plugin before 5.11.1 suffered from Cross-Site Request Forgery issues, allowing an attacker to make a logged in administrator add, edit or delete form fields, which could also lead to Stored Cross-Site Scripting issues.
CVE-2019-15780	1 Strategy11	1 Formidable Form Builder	2024-11-21	9.8 Critical
The formidable plugin before 4.02.01 for WordPress has unsafe deserialization.
CVE-2014-10013	1 Strategy11	1 Awp Classifieds	2024-11-21	N/A
SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action.
CVE-2014-10012	1 Strategy11	1 Awp Classifieds	2024-11-21	N/A
Cross-site scripting (XSS) vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
CVE-2017-20194	1 Strategy11	2 Formidable Form Builder, Formidable Forms	2024-10-30	5.3 Medium
The Formidable Form Builder plugin for WordPress is vulnerable to Sensitive Data Exposure in versions up to, and including, 2.05.03 via the frm_forms_preview AJAX action. This makes it possible for unauthenticated attackers to export all of the form entries for a given form.
CVE-2017-20192	1 Strategy11	1 Formidable Forms	2024-10-16	8.3 High
The Formidable Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters submitted during form entries like 'after_html' in versions before 2.05.03 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser.

« first previous Page 2 of 2.