37 matches found
WordPress WHA Puzzle plugin <= 1.0.9 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress WHA Puzzle plugin versions = 1.0.9. Solution No patched version available...
WordPress Contest Gallery plugin <= 13.1.0.9 - Unauth. Stored Cross-Site Scripting (XSS) vulnerability
Unauth. Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in the WordPress Contest Gallery plugin versions = 13.1.0.9. Solution Update the WordPress Contest Gallery plugin to the latest available version at least 14.0.0...
WordPress ARForms Form Builder plugin <= 1.5.4 - Unauth. Stored Cross-Site Scripting (XSS) vulnerability
Unauth. Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in the WordPress ARForms Form Builder plugin versions = 1.5.4. Solution No reply from the vendor...
WordPress Slideshow SE plugin <= 2.5.5 - Auth. Cross-Site Scripting (XSS) vulnerability
Auth. Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in the WordPress Slideshow SE plugin versions = 2.5.5. Solution Deactivate and delete. This plugin has been closed as of October 7, 2022 and is not available for download. This closure is temporary, pendi...
WordPress Gallery with thumbnail slider plugin <= 6.0 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Gallery with thumbnail slider plugin versions = 6.0. Solution Update the WordPress Gallery with thumbnail slider plugin to the latest available version at least 6.1...
WordPress BuddyForms plugin <= 2.7.2 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in the WordPress BuddyForms plugin versions = 2.7.2. Solution No patched version is available...
WordPress Quiz And Survey Master plugin <= 7.3.4 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability
Auth. Reflected Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Quiz And Survey Master plugin versions = 7.3.4. Solution Update the WordPress Quiz And Survey Master plugin to the latest available version at least 7.3.5...
WordPress Pop-Up Chop Chop plugin <= 2.1.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Pop-Up Chop Chop plugin versions = 2.1.7. Solution No patched version is available. No reply from the vendor...
WordPress Awesome Filterable Portfolio plugin <= 1.9.7 - Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
Unauthenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Awesome Filterable Portfolio plugin versions = 1.9.7. Solution Deactivate and delete. This plugin has been closed as of September 14, 2022 and is not available for download...
WordPress NOTICE BOARD plugin <= 1.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress NOTICE BOARD plugin versions = 1.1. Solution No patched version is available...
WordPress History Timeline plugin <= 1.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress History Timeline plugin versions = 1.0.5. Solution Deactivate and delete. No reply from the vendor...
WordPress Meet My Team plugin <= 2.0.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability was discovered by Ngo Van Thien Patchstack Alliance in the WordPress Meet My Team plugin versions = 2.0.5. Solution Deactivate and delete. No reply from the vendor...
WordPress Torro Forms plugin <= 1.0.16 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Torro Forms plugin versions = 1.0.16. Solution Deactivate and delete. No reply from the vendor...
WordPress Blossom Recipe Maker plugin <= 1.0.7 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities were discovered by Ngo Van Thien Patchstack Alliance in the WordPress Blossom Recipe Maker plugin versions = 1.0.7. Solution Deactivate and delete. No reply from the vendor...
WordPress amCharts: Charts and Maps plugin <= 1.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress amCharts: Charts and Maps plugin versions = 1.4. Solution Update the WordPress amCharts: Charts and Maps plugin to the latest available version at least 1.4.1...
WordPress BxSlider WP plugin <= 2.0.0 - Authenticated Cross-Site Scripting (XSS) vulnerability
Authenticated Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress BxSlider WP plugin versions = 2.0.0. Solution No patched version is available...
WordPress Testimonials plugin <= 3.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Testimonials plugin versions = 3.0.1. Solution No patched version is available. No way to contact the vendor...
WordPress XO Slider plugin <= 3.3.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress XO Slider plugin versions = 3.3.2. Solution Update the WordPress XO Slider plugin to the latest available version at least 3.3.3...
WordPress Easy Pricing Tables plugin <= 3.1.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Easy Pricing Tables plugin versions = 3.1.2. Solution Update the WordPress Easy Pricing Tables plugin to the latest available version at least 3.1.3...
WordPress Private Messages For WordPress plugin <= 2.1.10 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Private Messages For WordPress plugin versions = 2.1.10. Solution Deactivate and delete. This plugin has been closed as of May 20, 2022 and is not available for download. This...