WordPress Brizy Plugin <= 2.4.43 is vulnerable to Cross Site Scripting (XSS)

Software Brizy Type Plugin Vulnerable versions = 2.4.43 Fixed in 2.4.44 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2087 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ead457b1b8e9 Credits wesley wcraft Required...

WordPress WPvivid Backup for MainWP Plugin <= 0.9.32 is vulnerable to Cross Site Scripting (XSS)

Software WPvivid Backup for MainWP Type Plugin Vulnerable versions = 0.9.32 Fixed in 0.9.33 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35664 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e6744843cdb4 Credits Yudistira Arya...

WordPress Swiss Toolkit For WP Plugin <= 1.0.7 is vulnerable to Broken Authentication

Software Swiss Toolkit For WP Type Plugin Vulnerable versions = 1.0.7 Fixed in 1.0.8 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2024-5204 Patch priority Medium CVSS severity Medium 8.8 Developer Claim ownership PSID 07e08699642a Credits István Márton...

WordPress NextScripts Plugin <= 4.4.3 is vulnerable to Cross Site Scripting (XSS)

Software NextScripts Type Plugin Vulnerable versions = 4.4.3 Fixed in 4.4.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1762 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2c09536c816a Credits Piotr Kuśpit Required...

WordPress Media Library Assistant Plugin <= 3.15 is vulnerable to Cross Site Scripting (XSS)

Software Media Library Assistant Type Plugin Vulnerable versions = 3.15 Fixed in 3.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3519 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f2ec0a790f20 Credits Le Ngoc Anh...

WordPress Event Management Tickets Booking Plugin <= 1.3.4 is vulnerable to PHP Object Injection

Software Event Management Tickets Booking Type Plugin Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-1895 Patch priority Medium CVSS severity Medium 7.4 Developer Claim ownership PSID d93e6770a231 Credits Francesco Carlucci...

WordPress LeadConnector Plugin <= 1.7 is vulnerable to Broken Access Control

Software LeadConnector Type Plugin Vulnerable versions = 1.7 Fixed in 1.8 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-1371 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2445a52c5c7c Credits Krzysztof Zając Required...

WordPress Democracy Poll Plugin <= 6.0.3 is vulnerable to Broken Access Control

Software Democracy Poll Type Plugin Vulnerable versions = 6.0.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33920 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 4ebe2afd67c8 Credits thiennv Required privilege...

WordPress Social Share Buttons by Supsystic Plugin <= 2.2.9 is vulnerable to Broken Access Control

Software Social Share Buttons by Supsystic Type Plugin Vulnerable versions = 2.2.9 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-47330 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 619b2c170607 Credits Abdi...

WordPress AJAX Login and Registration modal popup + inline form Plugin <= 2.23 is vulnerable to Cross Site Scripting (XSS)

Software AJAX Login and Registration modal popup + inline form Type Plugin Vulnerable versions = 2.23 Fixed in 2.24 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33918 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID ea1aeec00d87...

WordPress Contact Form Entries Plugin <= 1.3.8 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form Entries Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3715 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 05aa510d5273 Credits Tim Coen...

WordPress Debug Log Manager Plugin <= 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Debug Log Manager Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A4: Insecure Design Classification Cross Site Scripting XSS CVE CVE-2024-32582 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1f92fe55cb9f Credits Majed Refaea Required...

WordPress MJ Update History Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software MJ Update History Type Plugin Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32543 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6f5d10b529f0 Credits Dimas Maulana Required privilege...

WordPress Code Insert Manager (Q2W3 Inc Manager) Plugin <= 2.5.3 is vulnerable to Cross Site Scripting (XSS)

Software Code Insert Manager Q2W3 Inc Manager Type Plugin Vulnerable versions = 2.5.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32547 Patch priority Medium CVSS severity Medium 5.8 Developer Claim ownership PSID c408b8a3e4fc Credits Dimas Maulana...

WordPress Access Category Password Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Access Category Password Type Plugin Vulnerable versions = 1.5.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32535 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c844ee6de29c Credits Dimas Maulana Required...

WordPress Jobs for WordPress Plugin <= 2.7.5 is vulnerable to Cross Site Scripting (XSS)

Software Jobs for WordPress Type Plugin Vulnerable versions = 2.7.5 Fixed in 2.7.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32149 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a8a1acfb2c60 Credits Khalid Yusuf Required privile...

WordPress 5 Stars Rating Funnel Plugin <= 1.2.67 is vulnerable to Arbitrary Content Deletion

Software 5 Stars Rating Funnel Type Plugin Vulnerable versions = 1.2.67 Fixed in 1.3.02 OWASP Top 10 A1: Broken Access Control Classification Arbitrary Content Deletion CVE CVE-2024-31358 Patch priority Medium CVSS severity Medium 7.5 Developer Tobias PSID bd96c1e147ac Credits Emili Castells...

WordPress Post-Plugin Library Plugin <= 2.6.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Post-Plugin Library Type Plugin Vulnerable versions = 2.6.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31085 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c8fe5a2f8b83 Credits Dimas Maulana Required...

WordPress Contact Form 7 Newsletter Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)

Software Contact Form 7 Newsletter Type Plugin Vulnerable versions = 2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31110 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d60fc2231b4d Credits Dimas Maulana Required...

WordPress Woocommerce Social Media Share Buttons Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Woocommerce Social Media Share Buttons Type Plugin Vulnerable versions = 1.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31109 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2941fe56e84a Credits Dimas Maula...