14 matches found
CVE-2024-9371
The Branda – White Label & Branding, Custom Login Page Customizer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of removequeryarg without appropriate escaping on the URL in all versions up to, and including, 3.4.19. This makes it possible for unauthenticated...
CVE-2015-9361
The Related Posts plugin before 1.8.2 for WordPress has XSS via addqueryarg and removequeryarg...
WordPress plugin Digital License Manager 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress Digital License Manager plugin <= 1.7.3 - Reflected Cross-Site Scripting via remove_query_arg Function vulnerability
Reflected Cross-Site Scripting via removequeryarg Function vulnerability discovered by Peter Thaleikis in WordPress Plugin Digital License Manager versions = 1.7.3...
PT-2025-2250 · WordPress · Stageshow
Name of the Vulnerable Software and Affected Versions: StageShow plugin for WordPress versions prior to 9.8.7 Description: The StageShow plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove query arg without appropriate escaping on the URL. This allows...
PT-2024-15994 · WordPress · Persian Woocommerce Sms
Name of the Vulnerable Software and Affected Versions: Persian WooCommerce SMS plugin for WordPress versions up to, and including, 7.0.5 Description: The issue is related to Reflected Cross-Site Scripting due to the use of remove query arg without appropriate escaping on the URL. This allows...
WordPress plugin افزونه پیامک ووکامرس Persian WooCommerce SMS 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin.... WordPress plugin افزونه پیامک...
PT-2024-16944 · WordPress · Twchat
Name of the Vulnerable Software and Affected Versions: TWChat – Send or receive messages from users plugin for WordPress versions up to, and including, 4.0.4 Description: The issue is related to Reflected Cross-Site Scripting due to the use of remove query arg without appropriate escaping on the...
WordPress plugin TWChat 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...
WordPress plugin ForumWP 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin...
PT-2024-39599 · WordPress · Branda – White Label & Branding
Name of the Vulnerable Software and Affected Versions: The Branda – White Label & Branding, Custom Login Page Customizer plugin for WordPress versions up to, and including, 3.4.19 Description: The issue is related to Reflected Cross-Site Scripting due to the use of remove query arg without...
WordPress plugin WS Form LITE 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-39194 · WordPress · Slicewp Affiliates
Name of the Vulnerable Software and Affected Versions: SliceWP Affiliates plugin for WordPress versions up to, and including, 1.1.20 Description: The issue is related to Reflected Cross-Site Scripting due to the use of remove query arg without appropriate escaping on the URL. This allows...
PT-2019-7264 · WordPress · Wp-Google-Map-Plugin
Name of the Vulnerable Software and Affected Versions: wp-google-map-plugin versions prior to 2.3.7 Description: The issue is related to Cross-Site Scripting XSS and involves the add query arg and remove query arg functions. Recommendations: For versions prior to 2.3.7, update to version 2.3.7 or...