CVE-2025-24629 WordPress Import Excel to Gravity Forms Plugin <= 1.18 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpgear Import Excel to Gravity Forms gf-excel-import allows Reflected XSS.This issue affects Import Excel to Gravity Forms: from n/a through = 1.18...

WordPress Import Spreadsheets from Microsoft Excel plugin <= 10.1.4 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin Import Spreadsheets from Microsoft Excel versions = 10.1.4...

CVE-2024-32585 WordPress Import Content in WordPress & WooCommerce with Excel plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Excel: from n/a through 4.2...

WordPress Import Content in WordPress & WooCommerce with Excel plugin <= 4.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Yudistira Arya Patchstack Alliance in WordPress Plugin Import Content in WordPress & WooCommerce with Excel versions = 4.2...

WordPress Import Content in WordPress & WooCommerce with Excel Plugin <= 4.2 is vulnerable to Cross Site Scripting (XSS)

Software Import Content in WordPress & WooCommerce with Excel Type Plugin Vulnerable versions = 4.2 Fixed in 4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32585 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID 597c127e874d Credits...

Live updates from Excel < 2.3.3 - Contributor+ Stored Cross-Site Scripting

Description The plugin does not properly sanitize and escape user supplied attributes in the 'ipushpullpage' shortcode. This lack of sufficient input validation could potentially allow script injection...

CVE-2023-5116 Live updates from Excel <= 2.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Live updates from Excel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ipushpullpage' shortcode in versions up to, and including, 2.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2023-5116

CVE-2023-5116 affects the WordPress plugin Live updates from Excel (ipushpull). The vulnerability is a Stored Cross-Site Scripting (XSS) in the ipushpull_page shortcode, caused by insufficient input sanitization and output escaping of user-supplied attributes. Affected versions are up to 2.3.2; e...

WordPress Live updates from Excel Plugin <= 2.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Live updates from Excel Type Plugin Vulnerable versions = 2.3.2 Fixed in 2.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5116 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8b029eafe8b8 Credits Alex Thomas...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

WordPress RSVPmaker Excel plugin <= 1.1 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress RSVPmaker Excel plugin versions = 1.1. Solution This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full review...

CVE-2016-3555

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via vectors related to PGC / Excel Plugin...

Design/Logic Flaw

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via vectors related to PGC / Excel Plugin...

CVE-2016-3555

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via vectors related to PGC / Excel Plugin...

CVE-2016-3555

Unspecified vulnerability in the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5 allows remote attackers to affect confidentiality and integrity via vectors related to PGC / Excel Plugin...