4 matches found
WordPress Support SVG Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software Support SVG Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11091 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7d70333b5396 Credits Francesco Carlucci Required...
WordPress Just Custom Fields Plugin <= 3.3.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software Just Custom Fields Type Plugin Vulnerable versions = 3.3.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6168 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 9fc0b88e6af6 Credits Francesco Carlucci...
WordPress Hide Dashboard Notifications Plugin <= 1.3 is vulnerable to Broken Access Control
Software Hide Dashboard Notifications Type Plugin Vulnerable versions = 1.3 Fixed in 1.3.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1955 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 47605ad93239 Credits Francesco Carlucci...
WordPress Fancy Elementor Flipbox Plugin <= 2.5.1 is vulnerable to Cross Site Scripting (XSS)
Software Fancy Elementor Flipbox Type Plugin Vulnerable versions = 2.5.1 Fixed in 2.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2349 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dd388fab11b8 Credits Francesco Carluc...