5 matches found
EUVD-2026-40896
The Wp Google Places Review Slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'place' parameter in versions up to, and including, 18.1. This is due to insufficient input sanitization and output escaping in admin/partials/googlecrawldfs.php, where the $GET'place'...
CVE-2019-1010124
WebAppick WooCommerce Product Feed 2.2.18 and earlier is affected by: Cross Site Scripting XSS. The impact is: XSS to RCE via editing theme files in WordPress. The component is: admin/partials/woo-feed-manage-list.php:63. The attack vector is: Administrator must be logged in...
WordPress WebAppick WooCommerce Product Feed Cross-Site Scripting Vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WebAppick WooCommerce Product Feed is a plugin used in WordPress to generate product feed data. A cross-site scripting...
CVE-2019-1010124
Summary: CVE-2019-1010124 affects WebAppick WooCommerce Product Feed (versions
CVE-2017-16758
Cross-site scripting XSS vulnerability in admin/partials/uif-access-token-display.php in the Ultimate Instagram Feed plugin before 1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "accesstoken" parameter...