BIT-WORDPRESS-2023-38000 Auth. Stored Cross-Site Scripting (XSS) vulnerability in WordPress core and Gutenberg plugin via Navigation Links Block

Auth. Stored contributor+ Cross-Site Scripting XSS vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin = 16.8.0 versions...

CVE-2023-47533 WordPress Countdown and CountUp, WooCommerce Sales Timer Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin = 1.8.2 versions...

CVE-2023-37993 WordPress wpShopGermany IT-RECHT KANZLEI Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS)

Auth. Stored Cross-Site Scripting XSS vulnerability in maennchen1.De wpShopGermany IT-RECHT KANZLEI plugin = 1.7 versions...

CVE-2023-25797

Auth. Stored Cross-Site Scripting XSS vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin = 4.1.2 versions...

CVE-2023-24002 WordPress YouTube Embed, Playlist and Popup by WpDevArt Plugin <= 2.6.3 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WPdevart YouTube Embed, Playlist and Popup by WpDevArt plugin = 2.6.3 versions...

CVE-2022-42462 WordPress IP Blacklist Cloud Plugin <= 5.00 is vulnerable to Cross Site Scripting (XSS)

Auth. Stored Cross-Site Scripting XSS vulnerability in Adeel Ahmed's IP Blacklist Cloud plugin = 5.00 versions...

CVE-2022-45816 WordPress GD bbPress Attachments Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS)

Auth. Stored Cross-Site Scripting XSS vulnerability in GD bbPress Attachments plugin = 4.3.1 on WordPress...

Cross site scripting

Auth. Stored Cross-Site Scripting XSS vulnerability in Ezoic plugin = 2.8.8 on WordPress...

WordPress AM-HiLi plugin <= 1.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Hoang Van Hiep Patchstack Alliance in the WordPress AM-HiLi plugin versions = 1.0. Solution No patched version is available...

WordPress Popup Maker plugin <= 1.16.10 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by c3p0d4y in WordPress Popup Maker plugin versions = 1.16.10. Solution Update the WordPress Popup Maker plugin to the latest available version at least 1.16.11...

WordPress WP Best Quiz plugin <= 1.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Alpaca in WordPress WP Best Quiz plugin versions = 1.0. Solution No patched version available...

CVE-2020-22790

Authenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta allows a remote attacker to execute codeby injecting arbitrary web script or HTML via modifying the name of the users. The XSS is executed when an administrator access the logs...