Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up
Fahad Mahmood

Vulnerabilities

CVE-2024-56288

MEDIUM

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.2.1.

Published Jan 07, 2025

CVE-2024-56223

HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood Gulri Slider allows Reflected XSS.This issue affects Gulri Slider: from n/a through 3.5.8.

Published Dec 31, 2024

CVE-2024-54344

HIGH

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood WP Quick Shop allows Reflected XSS.This issue affects WP Quick Shop: from n/a through 1.3.1.

Published Dec 13, 2024

CVE-2023-32574

MEDIUM

Missing Authorization vulnerability in Fahad Mahmood Injection Guard allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Injection Guard: from n/a through 1.2.1.

Published Dec 13, 2024

CVE-2023-30873

MEDIUM

Missing Authorization vulnerability in Fahad Mahmood WP Docs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Docs: from n/a through 1.9.8.

Published Dec 09, 2024

CVE-2024-47321

MEDIUM

Missing Authorization vulnerability in Fahad Mahmood WP Datepicker allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WP Datepicker: from n/a through 2.1.1.

Published Nov 01, 2024

CVE-2024-49629

HIGH

Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through 2.2.7.

Published Oct 20, 2024

CVE-2024-48024

HIGH

: Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Fahad Mahmood Keep Backup Daily allows Retrieve Embedded Sensitive Data.This issue affects Keep Backup Daily: from n/a through 2.0.7.

Published Oct 17, 2024

CVE-2024-44042

MEDIUM

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Datepicker allows Stored XSS.This issue affects WP Datepicker: from n/a through 2.1.1.

Published Oct 06, 2024

CVE-2024-31294

MEDIUM

Missing Authorization vulnerability in Fahad Mahmood WP Sort Order.This issue affects WP Sort Order: from n/a through 1.3.1.

Published Jun 09, 2024

CVE-2024-35695

MEDIUM

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Stored XSS.This issue affects WP Docs: from n/a through 2.1.3.

Published Jun 08, 2024

CVE-2024-35696

HIGH

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs allows Reflected XSS.This issue affects WP Docs: from n/a through 2.1.3.

Published Jun 08, 2024

CVE-2024-32690

MEDIUM

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood RSS Feed Widget allows Stored XSS.This issue affects RSS Feed Widget: from n/a through 2.9.7.

Published Apr 22, 2024

CVE-2023-32106

HIGH

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fahad Mahmood WP Docs plugin <= 1.9.9 versions.

Published Aug 18, 2023

CVE-2022-44736

MEDIUM

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Chameleon plugin <= 1.4.3 on WordPress.

Published Nov 17, 2022