Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Awpcp Subscribe
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-3254 1 Awpcp 1 Another Wordpress Classifieds Plugin 2022-11-01 N/A 9.8 CRITICAL
The WordPress Classifieds Plugin WordPress plugin before 4.3 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users and when a specific premium module is active, leading to a SQL injection
CVE-2014-10012 1 Awpcp 1 Another Wordpress Classifieds Plugin 2017-09-07 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to inject arbitrary web script or HTML via the query string to the default URI.
CVE-2014-10013 1 Awpcp 1 Another Wordpress Classifieds Plugin 2017-09-07 7.5 HIGH N/A
SQL injection vulnerability in the Another WordPress Classifieds Plugin plugin for WordPress allows remote attackers to execute arbitrary SQL commands via the keywordphrase parameter in a dosearch action.
CVE-2012-4874 2 Awpcp, Wordpress 2 Another Wordpress Classifieds Plugin, Wordpress 2012-09-06 10.0 HIGH N/A
Unspecified vulnerability in the Another WordPress Classifieds Plugin before 2.0 for WordPress has unknown impact and attack vectors related to "image uploads."