93 matches found
CVE-2023-23889
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...
CVE-2023-23885
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Contact Form plugin = 8.0.3.1 versions...
CVE-2023-23974
Cross-Site Request Forgery CSRF vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 affecting all registration actions delete, delete all, edit, update...
CVE-2023-23979
Unauth. Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Event Manager plugin = 9.7.4 versions...
CVE-2023-23975
Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...
PT-2025-22783 · Fullworks · Fullworks Quick Contact Form
Name of the Vulnerable Software and Affected Versions: fullworks Quick Contact Form versions n/a through 8.2.1 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This enables potential...
CVE-2022-47608
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Contact Form plugin = 8.0.3.1 versions...
CVE-2025-47510
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows PHP Local File Inclusion.This issue affects Display Eventbrite Events: from n/a through 6.3...
CVE-2023-25035
Missing Authorization vulnerability in Fullworks Quick Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Contact Form : from n/a through 8.0.3.1...
CVE-2023-23975
The CVE-2023-23975 entry concerns the WordPress Quick Event Manager plugin (versions
CVE-2023-25035
CVE-2023-25035 refers to a Broken Access Control vulnerability in the WordPress plugin Quick Contact Form (
CVE-2023-25035 WordPress Quick Contact Form plugin <= 8.0.3.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Fullworks Quick Contact Form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Contact Form : from n/a through 8.0.3.1...
WordPress Fullworks Firewall Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)
Software Fullworks Firewall Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0a683f965888 Credits Rafie Muhammad Patchstack...
WordPress Anti-Spam by Fullworks : GDPR Compliant Spam Protection Plugin < 1.3.10 is vulnerable to Cross Site Scripting (XSS)
Software Anti-Spam by Fullworks : GDPR Compliant Spam Protection Type Plugin Vulnerable versions 1.3.10 Fixed in 1.3.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID 667570386c1...
WordPress Fullworks Slack Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Fullworks Slack Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4a8ad72a132f Credits Rafie Muhammad Patchstack Required...
WordPress Quick Event Manager Plugin < 9.8.5.3 is vulnerable to Cross Site Scripting (XSS)
Software Quick Event Manager Type Plugin Vulnerable versions 9.8.5.3 Fixed in 9.8.5.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID 5068fcdc6585 Credits Rafie Muhammad Patchstac...
WordPress Quick Paypal Payments Plugin < 5.7.29 is vulnerable to Cross Site Scripting (XSS)
Software Quick Paypal Payments Type Plugin Vulnerable versions 5.7.29 Fixed in 5.7.29 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Fullworks Plugins PSID f299ef079138 Credits Rafie Muhammad Patchstac...
CVE-2023-23889
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...
CVE-2023-23889
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...
CVE-2023-23889 WordPress Quick Paypal Payments Plugin <= 5.7.25 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...