Lucene search
K

5 matches found

EUVD
EUVD
added 7 hours ago4 views

EUVD-2026-40896

The Wp Google Places Review Slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'place' parameter in versions up to, and including, 18.1. This is due to insufficient input sanitization and output escaping in admin/partials/googlecrawldfs.php, where the $GET'place'...

6.1CVSS5.9AI score
Exploits0References5
NVD
NVD
added 2019/07/23 1:15 p.m.29 views

CVE-2019-1010124

WebAppick WooCommerce Product Feed 2.2.18 and earlier is affected by: Cross Site Scripting XSS. The impact is: XSS to RCE via editing theme files in WordPress. The component is: admin/partials/woo-feed-manage-list.php:63. The attack vector is: Administrator must be logged in...

5.4CVSS5.2AI score0.03213EPSS
Exploits5References3
CNVD
CNVD
added 2019/07/23 12:0 a.m.7 views

WordPress WebAppick WooCommerce Product Feed Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WebAppick WooCommerce Product Feed is a plugin used in WordPress to generate product feed data. A cross-site scripting...

5.4CVSS6.3AI score0.03213EPSS
Exploits5References1
CVE
CVE
added 2019/07/23 12:0 a.m.98 views

CVE-2019-1010124

Summary: CVE-2019-1010124 affects WebAppick WooCommerce Product Feed (versions

5.4CVSS5.3AI score0.03213EPSS
Exploits5References3Affected Software1
NVD
NVD
added 2017/11/09 10:29 p.m.17 views

CVE-2017-16758

Cross-site scripting XSS vulnerability in admin/partials/uif-access-token-display.php in the Ultimate Instagram Feed plugin before 1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the "accesstoken" parameter...

4.8CVSS5.2AI score0.01028EPSS
Exploits2References3
Rows per page
Query Builder