Lucene search
K

93 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:12 a.m.8 views

CVE-2023-23889

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...

6.5CVSS5.6AI score0.00361EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:12 a.m.9 views

CVE-2023-23885

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Contact Form plugin = 8.0.3.1 versions...

6.5CVSS5.6AI score0.00386EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:11 a.m.7 views

CVE-2023-23974

Cross-Site Request Forgery CSRF vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 affecting all registration actions delete, delete all, edit, update...

5.4CVSS7.1AI score0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:39 a.m.5 views

CVE-2023-23979

Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...

7.1CVSS5.2AI score0.00406EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:10 a.m.11 views

CVE-2023-23975

Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...

5.3CVSS5.1AI score0.0064EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.7 views

PT-2025-22783 · Fullworks · Fullworks Quick Contact Form

Name of the Vulnerable Software and Affected Versions: fullworks Quick Contact Form versions n/a through 8.2.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This enables potential...

7.1CVSS6.7AI score0.00185EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 9:52 p.m.8 views

CVE-2022-47608

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Contact Form plugin = 8.0.3.1 versions...

5.9CVSS5.6AI score0.00369EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/09 3:23 p.m.6 views

CVE-2025-47510

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows PHP Local File Inclusion.This issue affects Display Eventbrite Events: from n/a through 6.3...

7.5CVSS7.2AI score0.0061EPSS
Exploits0References1
NVD
NVD
added 2024/12/09 1:15 p.m.11 views

CVE-2023-25035

Missing Authorization vulnerability in Fullworks Quick Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Contact Form : from n/a through 8.0.3.1...

6.5CVSS0.00685EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.54 views

CVE-2023-23975

The CVE-2023-23975 entry concerns the WordPress Quick Event Manager plugin (versions

5.3CVSS5.1AI score0.0064EPSS
Exploits0References1
CVE
CVE
added 2024/12/09 11:31 a.m.49 views

CVE-2023-25035

CVE-2023-25035 refers to a Broken Access Control vulnerability in the WordPress plugin Quick Contact Form (

6.5CVSS8AI score0.00685EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/12/09 11:31 a.m.15 views

CVE-2023-25035 WordPress Quick Contact Form plugin <= 8.0.3.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Fullworks Quick Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Contact Form : from n/a through 8.0.3.1...

6.5CVSS8AI score0.00685EPSS
Exploits0References1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.9 views

WordPress Fullworks Firewall Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Fullworks Firewall Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0a683f965888 Credits Rafie Muhammad Patchstack...

6.4AI score0.00284EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Anti-Spam by Fullworks : GDPR Compliant Spam Protection Plugin < 1.3.10 is vulnerable to Cross Site Scripting (XSS)

Software Anti-Spam by Fullworks : GDPR Compliant Spam Protection Type Plugin Vulnerable versions 1.3.10 Fixed in 1.3.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID 667570386c1...

6.8AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.7 views

WordPress Fullworks Slack Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Fullworks Slack Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4a8ad72a132f Credits Rafie Muhammad Patchstack Required...

6.8AI score0.00284EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.8 views

WordPress Quick Event Manager Plugin < 9.8.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Quick Event Manager Type Plugin Vulnerable versions 9.8.5.3 Fixed in 9.8.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID 5068fcdc6585 Credits Rafie Muhammad Patchstac...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/07/18 12:0 a.m.6 views

WordPress Quick Paypal Payments Plugin < 5.7.29 is vulnerable to Cross Site Scripting (XSS)

Software Quick Paypal Payments Type Plugin Vulnerable versions 5.7.29 Fixed in 5.7.29 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID f299ef079138 Credits Rafie Muhammad Patchstac...

6.2AI score0.00284EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/04/25 8:15 p.m.26 views

CVE-2023-23889

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...

6.5CVSS5.9AI score0.00361EPSS
Exploits0References1
OSV
OSV
added 2023/04/25 8:15 p.m.3 views

CVE-2023-23889

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...

5.4CVSS6.7AI score0.00361EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/25 7:24 p.m.10 views

CVE-2023-23889 WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...

6.5CVSS5.5AI score0.00361EPSS
Exploits0References1
Rows per page
Query Builder