CVE

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Syntactics, Inc. EaSYNC plugin <= 1.3.7 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GetButton Chat Button by GetButton.Io plugin <= 1.8.9.4 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mammothology WP Full Stripe Free plugin <= 1.6.1 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in VillaTheme WPBulky plugin <= 1.0.10 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ransom Christofferson PDQ CSV plugin <= 1.0.0 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Never5 Post Connector plugin <= 1.0.9 versions.

A vulnerability was found in SourceCodester Doctors Appointment System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php. The manipulation of the argument useremail leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-236365 was assigned to this vulnerability.

Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page.

Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Booking Request page.

Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Nurse Page in the Admin portal.