PT-2024-39289 · WordPress · Pricing Tables Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Pricing Tables WordPress Plugin – Easy Pricing Tables plugin for WordPress versions up to, and including, 3.2.5 Description: The issue arises from the use of add query arg without proper escaping on the URL, leading to Reflected Cross-Site...

PT-2024-39713 · 10Web · 10Web Social Post Feed

Name of the Vulnerable Software and Affected Versions: 10Web Social Post Feed plugin for WordPress versions up to, and including, 1.2.9 Description: The issue arises from the use of add query arg without proper escaping on the URL, leading to Reflected Cross-Site Scripting. This allows...

CVE-2024-9231

The WP-Members Membership Plugin plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.4.9.5. This makes it possible for unauthenticated attackers to inject arbitrary web...

WordPress plugin WP-Members Membership Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...

CVE-2024-9206

The MAS Companies For WP Job Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.0.13. This makes it possible for unauthenticated attackers to inject arbitrary we...

CVE-2024-8740

The GetResponse Forms by Optin Cat plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.5.6. This makes it possible for unauthenticated attackers to inject arbitrary web...

WordPress plugin MAS Companies For WP Job Manager 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exis...

PT-2024-39498 · WordPress · Wordpress Social Share Buttons

Name of the Vulnerable Software and Affected Versions: WordPress Social Share Buttons plugin versions up to, and including, 1.19 Description: The WordPress Social Share Buttons plugin is vulnerable to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping on t...

WordPress plugin Discount Rules for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress 2D Tag Cloud plugin <= 6.0.2 - Reflected Cross-Site Scripting via add_query_arg Parameter vulnerability

Reflected Cross-Site Scripting via addqueryarg Parameter vulnerability discovered by Francesco Carlucci in WordPress Plugin 2D Tag Cloud versions = 6.0.2...

PT-2024-39717 · WordPress · Increase Upload File Size & Maximum Execution Time Limit

Name of the Vulnerable Software and Affected Versions: Increase upload file size & Maximum Execution Time limit plugin for WordPress versions up to and including 2.0 Description: The plugin is susceptible to Reflected Cross-Site Scripting due to the improper use of add query arg without adequate...

WordPress plugin Maximum Products per User for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the WordPress plugin Maximum...

PT-2024-39208 · WordPress · Easy Social Share Buttons

Name of the Vulnerable Software and Affected Versions: Easy Social Share Buttons plugin for WordPress versions up to, and including, 1.4.5 Description: The issue arises from the use of add query arg without proper escaping on the URL, allowing unauthenticated attackers to inject arbitrary web...

WordPress plugin Themify Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Fish and Ships 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2024-39267 · WordPress · Clio Grow

Name of the Vulnerable Software and Affected Versions: Clio Grow plugin for WordPress versions up to, and including, 1.0.2 Description: The Clio Grow plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping on the URL. This...

WordPress plugin Magazine Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress plugin RabbitLoader 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin MC4WP: Mailchimp Top Bar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. WordPress plugin MC4WP: A cross-site scripting vulnerability exists in Mailchim...

CVE-2024-9209

The WP Search Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.4.10. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...