13 matches found
WordPress Image Alt Text Manager – Bulk & Dynamic Alt Tags For image SEO Optimization + AI plugin <= 1.6.3 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Alt Manager versions = 1.6.3...
CVE-2024-34420
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in talspotim Comments Evolved for WordPress allows Stored XSS.This issue affects Comments Evolved for WordPress: from n/a through 1.6.3...
CVE-2025-52754
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in selloio Sello ChannelConnector sello-channelconnector allows Reflected XSS.This issue affects Sello ChannelConnector: from n/a through = 1.6.3...
CVE-2025-52754 WordPress Sello ChannelConnector plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in selloio Sello ChannelConnector sello-channelconnector allows Reflected XSS.This issue affects Sello ChannelConnector: from n/a through = 1.6.3...
WordPress WordPress Error Monitoring by Bugsnag Plugin <= 1.6.3 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WordPress Error Monitoring by Bugsnag versions = 1.6.3...
WordPress Picture Gallery plugin <= 1.6.3 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Picture Gallery versions = 1.6.3...
PT-2025-2149 · WordPress · The Rate Star Review Vote – Ajax Reviews
Name of the Vulnerable Software and Affected Versions: The Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings plugin for WordPress versions up to, and including, 1.6.3 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'videowhisper reviews' shortcode due to...
PT-2025-1785 · Weavertheme · Turnkey Bbpress
Name of the Vulnerable Software and Affected Versions: Turnkey bbPress by WeaverTheme plugin for WordPress versions up to, and including, 1.6.3 Description: The issue is related to Reflected Cross-Site Scripting via the wpnonce parameter due to insufficient input sanitization and output escaping...
WordPress Qode Essential Addons plugin <= 1.6.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Qode Essential Addons versions = 1.6.3...
CVE-2024-35754
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Ovic Team Ovic Importer allows Path Traversal.This issue affects Ovic Importer: from n/a through 1.6.3...
CVE-2023-47670
Cross-Site Request Forgery CSRF vulnerability in Jongmyoung Kim Korea SNS.This issue affects Korea SNS: from n/a through 1.6.3...
CVE-2023-47680
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Qode Interactive Qi Addons For Elementor plugin = 1.6.3 versions...
GHSA-JH2M-J8PP-55RC Prototype Pollution in gedi
All versions of package gedi up to and including version 1.6.3 are vulnerable to Prototype Pollution via the set function...