CVE-2026-42642 WordPress GiveWP plugin <= 4.14.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in StellarWP GiveWP give allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GiveWP: from n/a through = 4.14.5...

WordPress Bold Page Builder plugin <= 5.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via `percentage` Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via percentage Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Bold Page Builder versions = 5.4.5...

CVE-2023-27443

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Grant Kimball Simple Vimeo Shortcode plugin = 2.9.1 versions...

PT-2020-15487 · Jenkins · Jenkins Android Lint Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Android Lint Plugin versions 2.6 and earlier Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the plugin does not escape the annotation message in tooltips. This can be exploited ...