PT-2023-19222 · Unknown · Sergey Panasenko Sponsors Carousel

Name of the Vulnerable Software and Affected Versions: Sergey Panasenko Sponsors Carousel plugin versions prior to 4.02 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin or higher privileges. Recommendations: For versions...

CVE-2023-23723

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Winwar Media WP Email Capture plugin = 3.9.3 versions...

CVE-2023-25461

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in namithjawahar Wp-Insert plugin = 2.5.0 versions...

CVE-2023-25485

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Bernhard Kux JSON Content Importer plugin = 1.3.15 versions...

CVE-2023-25490

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eric Teubert Archivist – Custom Archive Templates plugin = 1.7.4 versions...

PT-2023-20104 · WordPress · Bernhard Kux Json Content Importer

Name of the Vulnerable Software and Affected Versions: Bernhard Kux JSON Content Importer plugin versions prior to 1.3.16 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin or higher privileges. Recommendations: For version...

CVE-2023-23816

Auth. admin+ Cross-Site Scripting XSS vulnerability in Twardes Sitemap Index plugin = 1.2.3 versions...

CVE-2022-47435

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Olive Design WP-OliveCart plugin = 1.1.3 versions...

CVE-2022-43480

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Magneticlab Sàrl Homepage Pop-up plugin = 1.2.5 versions...

CVE-2022-44625

The CVE CVE-2022-44625 affects the WordPress plugin Zephilou Cyklodev WP Notify (versions

CVE-2023-29170

Auth. admin+ Stored Cross-site Scripting XSS vulnerability in PI Websolution Product Enquiry for WooCommerce, WooCommerce product catalog plugin = 2.2.12 versions...

CVE-2023-23799

Auth. admin+ Stored Cross-site Scripting XSS vulnerability in Leonardo Giacone Easy Panorama plugin = 1.1.4 versions...

CVE-2023-25702

Auth. admin+ Stored Cross-site Scripting XSS vulnerability in Fullworks Quick Paypal Payments plugin = 5.7.25 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Go Prayer WP Prayer plugin = 1.9.6 versions...

CVE-2023-25049

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin = 3.3.4 versions...

CVE-2023-24402

Auth. admin+ Cross-Site Scripting XSS vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin = 2.0.18 versions...

PT-2023-19894 · WordPress · Podlove Podcast Publisher

Name of the Vulnerable Software and Affected Versions: Podlove Podcast Publisher plugin versions prior to 3.8.3 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that affects users with admin+ authentication. This type of vulnerability allows an attacker to inje...

CVE-2023-24396

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin = 1.5.11 versions...

CVE-2023-23998

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in E4J s.R.L. VikRentCar Car Rental Management System plugin = 1.3.0 versions...

CVE-2023-23996

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in ProfilePress Membership Team ProfilePress plugin = 4.5.3 versions...