Filtered by vendor Connections-pro Subscriptions

Search

Switch to Advanced Search (Beta)
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-29437 1 Connections-pro 1 Connections Business Directory 2024-11-21 6.5 Medium
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <= 10.4.36 versions.
CVE-2021-24794 1 Connections-pro 1 Connections Business Directory 2024-11-21 4.8 Medium
The Connections Business Directory WordPress plugin before 10.4.3 does not escape the Address settings when creating an Entry, which could allow high privilege users to perform Cross-Site Scripting when the unfiltered_html capability is disallowed.
CVE-2020-36503 1 Connections-pro 1 Connections Business Directory 2024-11-21 8.0 High
The Connections Business Directory WordPress plugin before 9.7 does not validate or sanitise some connections' fields, which could lead to a CSV injection issue