141 matches found
CVE-2024-37958
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Meks Meks Smart Author Widget allows Stored XSS.This issue affects Meks Smart Author Widget: from n/a through 1.1.4...
CVE-2023-25989
Cross-Site Request Forgery CSRF vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading t...
CVE-2022-2574
The Meks Easy Social Share WordPress plugin before 1.2.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2021-24958
The Meks Easy Photo Feed Widget WordPress plugin before 1.2.4 does not have capability and CSRF checks in the mekssavebusinessselectedaccount AJAX action, available to any authenticated user, and does not escape some of the settings. As a result, any authenticated user, such as subscriber could...
CVE-2025-47621
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows Stored XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.6...
CVE-2025-47621
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows Stored XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.6...
WordPress Meks Flexible Shortcodes plugin <= 1.3.6 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Meks Flexible Shortcodes versions = 1.3.6...
CVE-2025-47621
CVE-2025-47621 affects Meks Flexible Shortcodes (WordPress plugin), with stored XSS due to improper input neutralization in web page generation. Affected versions are 1.3.6 and earlier. The vulnerability was labeled patched in the Wordfence vulnerability details, indicating a fix is available, th...
CVE-2025-47621 WordPress Meks Flexible Shortcodes plugin <= 1.3.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows Stored XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.6...
CVE-2025-47621 WordPress Meks Flexible Shortcodes plugin <= 1.3.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Meks Meks Flexible Shortcodes meks-flexible-shortcodes allows Stored XSS.This issue affects Meks Flexible Shortcodes: from n/a through = 1.3.6...
WordPress plugin Meks Flexible Shortcodes 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
PT-2025-20187 · Unknown · Meks Flexible Shortcodes
Name of the Vulnerable Software and Affected Versions: Meks Flexible Shortcodes versions 1.3.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This enables potential attackers to...
CVE-2024-38733
Missing Authorization vulnerability in Meks Meks Video Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meks Video Importer: from n/a through 1.0.12...
CVE-2024-38733 WordPress Meks Video Importer plugin <= 1.0.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Meks Meks Video Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meks Video Importer: from n/a through 1.0.12...
CVE-2024-38733
CVE-2024-38733 refers to a Missing Authorization vulnerability in the WordPress plugin Meks Video Importer (affected: versions up to and including 1.0.12). The issue results from incorrectly configured access control, described as a Missing Authorization / Broken Access Control scenario, allowing...
CVE-2024-38733 WordPress Meks Video Importer plugin <= 1.0.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Meks Meks Video Importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meks Video Importer: from n/a through 1.0.12...
WordPress plugin Meks Video Importer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...
PT-2024-28177 · Unknown · Meks Video Importer
Name of the Vulnerable Software and Affected Versions: Meks Video Importer versions 1.0.12 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels. Recommendations: For Meks Video...
CVE-2024-37548
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Meks Meks Easy Ads Widget allows Stored XSS.This issue affects Meks Easy Ads Widget: from n/a through 2.0.8...
CVE-2024-37548
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Meks Meks Easy Ads Widget allows Stored XSS.This issue affects Meks Easy Ads Widget: from n/a through 2.0.8...