104 matches found
CVE-2023-34011
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in ShopConstruct plugin = 1.1.2 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in gsmith Cookie Monster plugin = 1.51 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pradeep Singh Dynamically Register Sidebars plugin = 1.0.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in M Williams Cab Grid plugin = 1.5.15 versions...
CVE-2023-38397
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eggemplo Gestion-Pymes plugin = 1.5.6 versions...
CVE-2023-31221
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...
keycloak: client access via device auth request spoof
Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible unauthorized acce...
CVE-2023-29438
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eric Martin SimpleModal Contact Form SMCF plugin = 1.2.9 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Plainware ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Qumos MojoPlug Slide Panel plugin = 1.1.2 versions...
CVE-2023-35779
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Seed Webs Seed Fonts plugin = 2.3.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Seed Webs Seed Fonts plugin = 2.3.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in gVectors Display Custom Fields – wpView plugin = 1.3.0 versions...
CVE-2023-25958
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Justin Saad Simple Tooltips plugin = 2.1.4 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPManageNinja LLC Ninja Tables plugin = 4.3.4 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ulf Benjaminsson WP-dTree plugin = 4.4.5 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Florin Arjocu Custom More Link Complete plugin = 1.4.1 versions...
CVE-2023-23733
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joel James Lazy Social Comments plugin = 2.0.4 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in CoreFortress Easy Event calendar plugin = 1.0 versions...
CVE-2023-26519
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex Benfica Publish to Schedule plugin = 4.5.4 versions...