113 matches found
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jewel Theme WP Adminify plugin = 3.1.6 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in nigauri Insert Estimated Reading Time plugin = 1.2 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution WordPress publish post email notification plugin = 1.0.2.2 versions...
CVE-2023-40665
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pdfcrowd Save as Image plugin by Pdfcrowd plugin = 2.16.0 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin = 5.0.8 versions...
CVE-2023-27622 WordPress GuruWalk Affiliates Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Abel Ruiz GuruWalk Affiliates plugin = 1.0.0 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jeffrey-WP Media Library Categories plugin = 2.0.0 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Visualmodo Borderless plugin = 1.4.8 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Elastic Email Sender plugin = 1.2.6 versions...
CVE-2023-34011
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in ShopConstruct plugin = 1.1.2 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in gsmith Cookie Monster plugin = 1.51 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pradeep Singh Dynamically Register Sidebars plugin = 1.0.1 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in M Williams Cab Grid plugin = 1.5.15 versions...
CVE-2023-38397
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eggemplo Gestion-Pymes plugin = 1.5.6 versions...
CVE-2023-31221
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ransom Christofferson PDQ CSV plugin = 1.0.0 versions...
keycloak: client access via device auth request spoof
Keycloak's device authorization grant does not correctly validate the device code and client ID. An attacker client could abuse the missing validation to spoof a client consent request and trick an authorization admin into granting consent to a malicious OAuth client or possible unauthorized acce...
CVE-2023-29438
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Eric Martin SimpleModal Contact Form SMCF plugin = 1.2.9 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Plainware ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Qumos MojoPlug Slide Panel plugin = 1.1.2 versions...
CVE-2023-35779
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Seed Webs Seed Fonts plugin = 2.3.1 versions...