CVE-2023-2204

A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file faqs.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The...

CVE-2019-17232

Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import...

CVE-2019-17233

Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection...

CVE-2019-15643

The ultimate-faqs plugin before 1.8.22 for WordPress has XSS...

CVE-2019-14968

An issue was discovered in imcat 4.9. There is SQL Injection via the index.php order parameter in a mod=faqs action...

CVE-2024-56033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Think201 FAQs faqs allows Reflected XSS.This issue affects FAQs: from n/a through = 1.0.2...

CVE-2025-23795

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ghuger Easy FAQs easy-faqs allows Stored XSS.This issue affects Easy FAQs: from n/a through = 3.2.1...

CVE-2025-23795 WordPress Easy FAQs plugin <= 3.2.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ghuger Easy FAQs easy-faqs allows Stored XSS.This issue affects Easy FAQs: from n/a through = 3.2.1...

CVE-2025-23795 WordPress Easy FAQs plugin <= 3.2.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ghuger Easy FAQs easy-faqs allows Stored XSS.This issue affects Easy FAQs: from n/a through = 3.2.1...

CVE-2025-23795

CVE-2025-23795 is a stored XSS in the WordPress Easy FAQs plugin (vulnerable through 3.2.1). Exploitation requires authentication (Contributor+). Root cause: improper input handling during web page generation. Current connected sources (Red Hat RH:CVE-2025-23795 and Wordfence vulnerability listin...

WordPress Easy FAQs plugin <= 3.2.1 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO in WordPress Plugin Easy FAQs versions = 3.2.1...

PT-2025-5095 · Gold Plugins · Gold Plugins Easy Faqs

Name of the Vulnerable Software and Affected Versions: Gold Plugins Easy FAQs versions prior to 3.2.1 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This means that an attacker can inject maliciou...

CVE-2024-56033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Think201 FAQs faqs allows Reflected XSS.This issue affects FAQs: from n/a through = 1.0.2...

CVE-2024-56033 WordPress FAQs plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Think201 FAQs faqs allows Reflected XSS.This issue affects FAQs: from n/a through = 1.0.2...

CVE-2024-56033 WordPress FAQs plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Think201 FAQs faqs allows Reflected XSS.This issue affects FAQs: from n/a through = 1.0.2...

CVE-2024-56033

CVE-2024-56033 is a Reflected Cross-Site Scripting vulnerability described for Think201 FAQs (WordPress FAQs plugin). Affected version range is from n/a through 1.0.2. CVSS v3.1 base score 7.1 (HIGH) with Network attack vector, Low confidentiality, Integrity, and Availability impacts; user intera...

WordPress plugin FAQs 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

WordPress FAQs plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Muhamad Agil Fachrian Patchstack Alliance in WordPress Plugin FAQs versions = 1.0.2...

CVE-2024-54246

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Think201 FAQs faqs allows Stored XSS.This issue affects FAQs: from n/a through = 1.0.2...

CVE-2024-54246 WordPress FAQs plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Think201 FAQs faqs allows Stored XSS.This issue affects FAQs: from n/a through = 1.0.2...