84 matches found
CVE-2022-47444
The CVE-2022-47444 entry concerns an Unauth. Reflected Cross-Site Scripting (XSS) in the ProfilePress Membership Team Paid Membership Plugin. Affected are ProfilePress plugin versions
PT-2023-15320 · WordPress · Profilepress
Name of the Vulnerable Software and Affected Versions: ProfilePress plugin versions = 4.5.3 Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability in the ProfilePress Membership Team Paid Membership Plugin. This affects components such as Ecommerce, Registration For...
CVE-2022-0327
The Master Addons for Elementor WordPress plugin before 1.8.5 does not sanitise and escape the errormessage parameter before outputting it back in the response of the jltmarestrictcontent AJAX action, available to unauthenticated and authenticated users, leading to a Reflected Cross-Site Scriptin...
Resin Pro improperly performs Unicode transformations
Overview Resin Pro 4.0.39 and possibly earlier versions improperly performs Unicode transformations. Description CWE-20:Improper Input Validation Resin Pro 4.0.39 and possibly earlier versions perform incorrect Unicode transformations on output to HTTP responses for ISO-8859-1. This allows an...