14 matches found
CVE-2019-17232
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import...
CVE-2019-17233
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection...
CVE-2019-15643
The ultimate-faqs plugin before 1.8.22 for WordPress has XSS...
CVE-2024-56033 WordPress FAQs plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Think201 FAQs faqs allows Reflected XSS.This issue affects FAQs: from n/a through = 1.0.2...
CVE-2024-56033 WordPress FAQs plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Think201 FAQs faqs allows Reflected XSS.This issue affects FAQs: from n/a through = 1.0.2...
CVE-2024-56033
CVE-2024-56033 is a Reflected Cross-Site Scripting vulnerability described for Think201 FAQs (WordPress FAQs plugin). Affected version range is from n/a through 1.0.2. CVSS v3.1 base score 7.1 (HIGH) with Network attack vector, Low confidentiality, Integrity, and Availability impacts; user intera...
WordPress FAQs plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Muhamad Agil Fachrian Patchstack Alliance in WordPress Plugin FAQs versions = 1.0.2...
CVE-2024-54246 WordPress FAQs plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Think201 FAQs faqs allows Stored XSS.This issue affects FAQs: from n/a through = 1.0.2...
WordPress FAQs plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin FAQs versions = 1.0.2...
CVE-2019-17232
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import...
CVE-2019-17233
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection...
EUVD-2019-7649
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import...
CVE-2019-17233
The CVE affects WordPress plugin Ultimate FAQ (WordPress) up to version 1.8.24. The vulnerability originates in Functions/EWD_UFAQ_Import.php, allowing unauthenticated HTML content injection during FAQ import, potentially exposing malicious content to site visitors. Exploitation details are not p...
WordPress ultimate-faqs plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. ultimate-faqs is a FAQ plugin used in it. A cross-site scripting vulnerability exists in the WordPress ultimate-faqs plugin. An attack...