92 matches found
CVE-2024-8656
The WPFactory Helper plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.7.0. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in page...
PT-2024-39209 · WordPress · Exit Notifier
Name of the Vulnerable Software and Affected Versions: Exit Notifier plugin for WordPress versions up to, and including, 1.9.1 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg without appropriate escaping on the URL. This allows unauthenticated...
PT-2019-7495 · Pippin Williamson · Easy Digital Downloads
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads EDD versions 1.8.x through 1.8.6 Easy Digital Downloads EDD versions 1.9.x through 1.9.9 Easy Digital Downloads EDD versions 2.0.x through 2.0.4 Easy Digital Downloads EDD versions 2.1.x through 2.1.10 Easy Digital...
PT-2019-7487 · WordPress · Easy Digital Downloads (Edd) Software Licensing Extension
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads EDD Software Licensing extension for WordPress versions 1.8.x through 1.8.6 Easy Digital Downloads EDD Software Licensing extension for WordPress versions 1.9.x through 1.9.9 Easy Digital Downloads EDD Software Licensin...
PT-2019-7485 · Edd · Easy Digital Downloads
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads EDD versions 1.8.x through 1.8.6 Easy Digital Downloads EDD versions 1.9.x through 1.9.9 Easy Digital Downloads EDD versions 2.0.x through 2.0.4 Easy Digital Downloads EDD versions 2.1.x through 2.1.10 Easy Digital...
PT-2019-7468 · Sandhills Development · Easy Digital Downloads
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads EDD versions 1.8.x through 1.8.6 Easy Digital Downloads EDD versions 1.9.x through 1.9.9 Easy Digital Downloads EDD versions 2.0.x through 2.0.4 Easy Digital Downloads EDD versions 2.1.x through 2.1.10 Easy Digital...
PT-2019-7486 · Pippin Williamson · Easy Digital Downloads
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads EDD versions 1.8.x through 1.8.6 Easy Digital Downloads EDD versions 1.9.x through 1.9.9 Easy Digital Downloads EDD versions 2.0.x through 2.0.4 Easy Digital Downloads EDD versions 2.1.x through 2.1.10 Easy Digital...
PT-2019-7492 · Pippin Williamson · Easy Digital Downloads
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads EDD versions 1.8.x through 1.8.6 Easy Digital Downloads EDD versions 1.9.x through 1.9.9 Easy Digital Downloads EDD versions 2.0.x through 2.0.4 Easy Digital Downloads EDD versions 2.1.x through 2.1.10 Easy Digital...
PT-2019-7489 · Edd · Easy Digital Downloads
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads EDD versions 1.8.x through 1.8.6 Easy Digital Downloads EDD versions 1.9.x through 1.9.9 Easy Digital Downloads EDD versions 2.0.x through 2.0.4 Easy Digital Downloads EDD versions 2.1.x through 2.1.10 Easy Digital...
PT-2019-8511
Name of the Vulnerable Software and Affected Versions mailchimp-for-wp plugin versions prior to 4.1.8 Description The issue concerns a problem where the return value of add query arg can be exploited, leading to XSS. Recommendations For versions prior to 4.1.8, update to version 4.1.8 or later to...
PT-2019-7264 · WordPress · Wp-Google-Map-Plugin
Name of the Vulnerable Software and Affected Versions: wp-google-map-plugin versions prior to 2.3.7 Description: The issue is related to Cross-Site Scripting XSS and involves the add query arg and remove query arg functions. Recommendations: For versions prior to 2.3.7, update to version 2.3.7 or...
DEBIAN-CVE-2017-14313
The shibbolethloginform function in shibboleth.php in the Shibboleth plugin before 1.8 for WordPress is prone to an XSS vulnerability due to improper use of addqueryarg...