emarket-design
Web & CMS Pluginscommercial
Latest CVEs
The 15 most recently published vulnerabilities affecting emarket-design.
- CVE-2026-9848WP Ticket <= 6.0.4 - Unauthenticated SQL Injection via WordPress Search 's' Parameter7.5
- CVE-2025-15636WordPress YouTube Showcase plugin <= 3.5.1 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2025-64248WordPress Request a Quote plugin <= 2.5.3 - Broken Access Control vulnerability4.3
- CVE-2025-13403Employee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.3 - Missing Authorization to Authenticated (Subscriber+) Tracking Opt-In/Opt-Out Modification5.3
- CVE-2025-12090Employee Spotlight – Team Member Showcase & Meet the Team Plugin <= 5.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4
- CVE-2025-60157WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability6.5
- CVE-2025-58915WordPress Request a Quote plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2025-54731WordPress YouTube Showcase Plugin <= 3.5.1 - PHP Object Injection Vulnerability8.1
- CVE-2025-53584WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - PHP Object Injection Vulnerability8.1
- CVE-2025-53583WordPress Employee Spotlight Plugin <= 5.1.1 - PHP Object Injection Vulnerability8.1
- CVE-2025-53572WordPress WP Easy Contact Plugin <= 4.0.1 - PHP Object Injection Vulnerability8.1
- CVE-2025-53243WordPress Employee Directory – Staff Listing & Team Directory plugin for WordPress plugin <= 4.5.5 - PHP Object Injection vulnerability8.1
- CVE-2025-8314Software Issue Manager <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter6.4
- CVE-2025-8420Multiple Plugins by emarket-design <= Multiple Versions - Unauthenticated Limited Remote Code Execution8.1
- CVE-2025-8295Employee Directory <= 4.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via noaccess_msg Parameter6.4