6 matches found
WordPress FX Currency Converter plugin cross-site scripting vulnerability
WordPress FX Currency Converter plugin is a plugin for WordPress websites designed to provide currency conversion functionality that allows users to perform real-time exchange rate calculations between different currencies. The WordPress FX Currency Converter plugin suffers from a cross-site...
CVE-2025-13963 FX Currency Converter <= 0.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The FX Currency Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'fxccconvert' shortcode in all versions up to, and including, 0.2.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-6257
The Euro FxRef Currency Converter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's currency shortcode in all versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-28747
Cross-Site Request Forgery CSRF vulnerability in codeboxr CBX Currency Converter plugin = 3.0.3 versions...
PT-2023-21933 · Unknown · Cbx Currency Converter
Name of the Vulnerable Software and Affected Versions: CBX Currency Converter plugin versions = 3.0.3 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on a web application...
CVE-2015-5065
Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin before 1.4 for WordPress allows remote attackers to read arbitrary files via a full pathname in the requrl parameter...