WordPress StreamWeasels YouTube Integration Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software StreamWeasels YouTube Integration Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11788 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bbd6037644c5 Credits...

WordPress Pearl Plugin <= 1.3.6 is vulnerable to Cross Site Scripting (XSS)

Software Pearl Type Plugin Vulnerable versions = 1.3.6 Fixed in 1.3.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4000 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 24b9141edb4a Credits Krzysztof Zając Required privilege...

PT-2023-10163 · Bestwebsoft · Bestwebsoft Contact Form Plugin

Name of the Vulnerable Software and Affected Versions: BestWebSoft Contact Form Plugin version 1.3.4 Description: A vulnerability was found in the BestWebSoft Contact Form Plugin and classified as problematic. The issue affects the function bws add menu render of the file bws menu/bws menu.php. T...

CVE-2021-33351

Cross Site Scripting Vulnerability in Wyomind Help Desk Magento 2 extension v.1.3.6 and before and fixed in v.1.3.7 allows attackers to escalte privileges via a crafted payload in the ticket message field...