Podcast Channels < 0.28 - Cross-Site Scripting

The Podcast Channels WordPress plugin was affected by an unauthenticated reflected cross-site scripting security vulnerability. id: CVE-2014-4544 info: name: Podcast Channels 0.28 - Cross-Site Scripting author: daffainfo severity: medium description: The Podcast Channels WordPress plugin was...

Knowage Suite 7.3 - Cross-Site Scripting

Knowage Suite 7.3 contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter. id: CVE-2021-30213 info: name: Knowage Suite 7.3 - Cross-Site Scripting author: alph4byt3 severity:...

WordPress Auto-Install Free SSL – Generate & Install Free SSL Certificates plugin <= 4.5.0 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Free SSL Certificate Plugin, HTTPS Redirect, Renewal Reminder – Auto-Install Free SSL versions = 4.5.0...

CVE-2023-25961

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Catch Themes Darcie theme = 1.1.5 versions...

CVE-2023-30498

Unauth. Reflected Cross-Site Scripting XSS vulnerability in CodeFlavors Vimeotheque: Vimeo WordPress Plugin = 2.2.1 versions...

CVE-2023-35884

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime plugin = 3.0.5 versions...

ABB Cylon Aspect 3.08.01 (jsonProxy.php) Unauthenticated Reflected XSS

Summary ASPECT is an award-winning scalable building energy management and control solution designed to allow users seamless access to their building data through standard building protocols including smart devices. Description The ABB BMS/BAS controller suffers from an unauthenticated reflected...

ABB Cylon Aspect 3.08.01 jsonProxy.php Cross Site Scripting Vulnerability

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated reflected cross-site scripting vulnerability. Input passed to the GET parameters query and application is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Contact Form Builder, Contact Widget plugin = 2.1.6 versions...

CVE-2023-45772

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Scribit Proofreading plugin = 1.0.11 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin = 3.1.5 versions...

CVE-2023-45770 WordPress Fast WP Speed Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Fastwpspeed Fast WP Speed plugin = 1.0.0 versions...

CVE-2023-41663

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Giovambattista Fazioli WP Bannerize Pro plugin = 1.6.9 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Pixelgrade PixTypes plugin = 1.4.15 versions...

CVE-2023-30494

Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.10 versions...

PT-2023-26817 · Xlplugins · Xlplugins User Email Verification For Woocommerce

Name of the Vulnerable Software and Affected Versions: XLPlugins User Email Verification for WooCommerce plugin versions = 3.5.0 Description: The issue is an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website,...

PT-2023-24637 · Unknown · Rakib Hasan Dynamic Qr Code Generator

Name of the Vulnerable Software and Affected Versions: Rakib Hasan Dynamic QR Code Generator plugin versions 0.0.0 through 0.0.5 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into the...

CVE-2023-32108

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Ignazio Scimone Albo Pretorio On line plugin = 4.6.3 versions...

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Dream-Theme The7 plugin = 11.6.0 versions...

Cross site scripting

Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability in EventPrime plugin = 2.8.6 versions...