WordPress Clean Login Plugin < 1.13.7 is vulnerable to Cross Site Scripting (XSS)

Software Clean Login Type Plugin Vulnerable versions 1.13.7 Fixed in 1.13.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4838 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 22741728df39 Credits Lana Codes Required...

WordPress YourChannel: Everything you want in a YouTube Plugin < 1.2.3 is vulnerable to Cross Site Scripting (XSS)

Software YourChannel: Everything you want in a YouTube Type Plugin Vulnerable versions 1.2.3 Fixed in 1.2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4833 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 5ed747ddf3e...

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4705 Patch priority Medium CVSS severity Medium 4.3 Developer WProyal PSID 52604a902691 Credits Ramuel Gall Required...

WordPress WP-ShowHide Plugin < 1.05 is vulnerable to Cross Site Scripting (XSS)

Software WP-ShowHide Type Plugin Vulnerable versions 1.05 Fixed in 1.05 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4825 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 5336dccd451c Credits Lana Codes Required...

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4702 Patch priority Medium CVSS severity Medium 5.4 Developer WProyal PSID 8642498f8aa2 Credits Ramuel Gall Required...

WordPress Easy Testimonials Plugin < 3.9.3 is vulnerable to Cross Site Scripting (XSS)

Software Easy Testimonials Type Plugin Vulnerable versions 3.9.3 Fixed in 3.9.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4577 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 9b43bd7a7324 Credits Lana Codes Require...

WordPress Logo Slider Plugin < 3.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Logo Slider Type Plugin Vulnerable versions 3.6.0 Fixed in 3.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4664 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID e6f86b351cc2 Credits Lana Codes Required...

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Cross Site Request Forgery (CSRF)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-4707 Patch priority Low CVSS severity Low 4.3 Developer WProyal PSID d1eebd7ac349 Credits Ramuel Gall Require...

WordPress Post Category Image With Grid and Slider Plugin < 1.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Post Category Image With Grid and Slider Type Plugin Vulnerable versions 1.4.8 Fixed in 1.4.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4747 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID e6ed2518069c...

KLA20160 Multiple vulnerabilities in Microsoft Developer Tools

Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in .NET can be exploited remotely to cause deni...

WordPress Simple File Downloader Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software Simple File Downloader Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4764 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 2ef1f33eb376 Credits István Márton...

WordPress Posts List Designer by Category – List Category Posts Or Recent Posts Plugin < 3.2 is vulnerable to Cross Site Scripting (XSS)

Software Posts List Designer by Category – List Category Posts Or Recent Posts Type Plugin Vulnerable versions 3.2 Fixed in 3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4749 Patch priority Medium CVSS severity Medium 6.5 Developer Claim...

WordPress Post Grid, Post Carousel, & List Category Posts – by Smart Post Show Plugin < 2.3.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Post Grid, Post Carousel, & List Category Posts – by Smart Post Show Type Plugin Vulnerable versions 2.3.5 Fixed in 2.3.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID...

WordPress Social Warfare Plugin <= 4.3.0 is vulnerable to Broken Access Control

Software Social Warfare Type Plugin Vulnerable versions = 4.3.0 Fixed in 4.4.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0402 Patch priority Medium CVSS severity Medium 5.4 Developer Claim ownership PSID 18527265013d Credits Marco Wotschka Required...

WordPress WP Extended Search Plugin <= 2.1.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Extended Search Type Plugin Vulnerable versions = 2.1.1 Fixed in 2.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4649 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 8a685d2ed687 Credits István Márton...

WordPress WP Tabs Plugin < 2.1.17 is vulnerable to Cross Site Scripting (XSS)

Software WP Tabs Type Plugin Vulnerable versions 2.1.17 Fixed in 2.1.17 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0071 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 477efeb39f0f Credits István Márton Required...

WordPress WooCommerce Eway Gateway Plugin <= 3.5.0 is vulnerable to Insecure Direct Object References (IDOR)

Software WooCommerce Eway Gateway Type Plugin Vulnerable versions = 3.5.0 Fixed in 3.5.1 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE N/A Patch priority Low CVSS severity Low 6.3 Developer Claim ownership PSID 9e6ef9dda0ad Credits WordfenceTeam...

WordPress Video Sidebar Widgets Plugin <= 6.1 is vulnerable to Cross Site Scripting (XSS)

Software Video Sidebar Widgets Type Plugin Vulnerable versions = 6.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4785 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 2859d13481bb Credits István Márton...

WordPress Widgets for Google Reviews Plugin < 9.8 is vulnerable to Cross Site Scripting (XSS)

Software Widgets for Google Reviews Type Plugin Vulnerable versions 9.8 Fixed in 9.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4470 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 6ca77c2a5891 Credits Lana Codes...

WordPress Restaurant Menu – Food Ordering System – Table Reservation Plugin < 2.3.6 is vulnerable to Cross Site Scripting (XSS)

Software Restaurant Menu – Food Ordering System – Table Reservation Type Plugin Vulnerable versions 2.3.6 Fixed in 2.3.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4657 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSI...