WordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Quick Event Manager Type Plugin Vulnerable versions = 9.7.4 Fixed in 9.7.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23974 Patch priority Low CVSS severity Low 5.4 Developer Fullworks Plugins PSID 5e2ae440ff0d Credits yuyudhn...

WordPress Quick Event Manager Plugin < 9.7.5 is vulnerable to Cross Site Scripting (XSS)

Software Quick Event Manager Type Plugin Vulnerable versions 9.7.5 Fixed in 9.7.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23491 Patch priority High CVSS severity High 7.1 Developer Fullworks Plugins PSID 38346c7453ae Credits Joshua Martinelle...

CVE-2022-37339

Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Meet My Team plugin = 2.0.5 at WordPress...

Cross site scripting

Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Meet My Team plugin = 2.0.5 at WordPress...

CVE-2022-37339 WordPress Meet My Team plugin <= 2.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated contributor+ Stored Cross-Site Scripting XSS vulnerability in Fullworks Meet My Team plugin = 2.0.5 at WordPress...

CVE-2022-37339

CVE-2022-37339 affects the WordPress Meet My Team plugin (versions ≤ 2.0.5). The vulnerability is an Authenticated Stored Cross-Site Scripting (XSS) flaw in Fullworks Meet My Team, caused by insufficient sanitization/escaping of inputs. A user with Contributor+ privileges can inject script that m...

PT-2022-23935 · Fullworks · Fullworks Meet My Team Plugin

Name of the Vulnerable Software and Affected Versions: Fullworks Meet My Team plugin version 2.0.5 and earlier Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with contributor or higher privileges can inject maliciou...

WordPress Fullworks Slack plugin <= 1.0.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Fullworks Slack plugin versions = 1.0.1. Solution No patched version available...

WordPress Fullworks Slack plugin <= 1.0.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Fullworks Slack plugin versions = 1.0.1. Solution No patched version available...

WordPress Fullworks Directory plugin <= 1.0.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Fullworks Directory plugin versions = 1.0.1. Solution No patched version available...

WordPress Fullworks Firewall plugin <= 1.1.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Fullworks Firewall plugin versions = 1.1.2. Solution No patched version available...

WordPress Fullworks Directory plugin <= 1.0.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Fullworks Directory plugin versions = 1.0.1. Solution No patched version available...

WordPress Fullworks Firewall plugin <= 1.1.2 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Fullworks Firewall plugin versions = 1.1.2. Solution No patched version available...