WordPress Don't Break The Code Plugin <= .3.1 is vulnerable to Cross Site Scripting (XSS)

Software Don't Break The Code Type Plugin Vulnerable versions = .3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51779 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e5611bdb41d7 Credits João Pedro S Alcântara Kinorth...

WordPress Jigoshop – Store Toolkit Plugin <= 1.4.0 is vulnerable to Cross Site Scripting (XSS)

Software Jigoshop – Store Toolkit Type Plugin Vulnerable versions = 1.4.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51712 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 84e860833836 Credits Zlrqh Required privilege...

WordPress Geotagged Media Plugin <= 0.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Geotagged Media Type Plugin Vulnerable versions = 0.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51694 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4b066fa172bd Credits João Pedro S Alcântara Kinorth...

WordPress WPAdverts – Classifieds Plugin Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS)

Software WPAdverts – Classifieds Plugin Type Plugin Vulnerable versions = 2.1.6 Fixed in 2.1.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10108 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d98a67dcc148 Credits...

WordPress Subscribe to Comments Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)

Software Subscribe to Comments Type Plugin Vulnerable versions = 2.3 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8792 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e73a4a4fc1e2 Credits vgo0 Required...

WordPress SEUR Oficial Plugin <= 2.2.11 is vulnerable to Cross Site Scripting (XSS)

Software SEUR Oficial Type Plugin Vulnerable versions = 2.2.11 Fixed in 2.2.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9438 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 09ee4a264f33 Credits vgo0 Required...

WordPress Terms descriptions Plugin <= 3.4.6 is vulnerable to Cross Site Scripting (XSS)

Software Terms descriptions Type Plugin Vulnerable versions = 3.4.6 Fixed in 3.4.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9374 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8fca607d99fe Credits vgo0 Required...

WordPress BP Member Type Manager Plugin <= 1.01 is vulnerable to Cross Site Scripting (XSS)

Software BP Member Type Manager Type Plugin Vulnerable versions = 1.01 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49634 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ae38971a18f4 Credits João Pedro S Alcântara Kinor...

WordPress Affiliate Platform Plugin <= 1.4.8 is vulnerable to Cross Site Scripting (XSS)

Software Affiliate Platform Type Plugin Vulnerable versions = 1.4.8 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49645 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e63013ed9d44 Credits Mika Required privilege...

WordPress Parcel Pro Plugin <= 1.8.4 is vulnerable to Cross Site Scripting (XSS)

Software Parcel Pro Type Plugin Vulnerable versions = 1.8.4 Fixed in 1.9.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9383 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 434032076e56 Credits vgo0 Required privilege...

WordPress WP Photo Album Plus Plugin <= 8.8.05.003 is vulnerable to Cross Site Scripting (XSS)

Software WP Photo Album Plus Type Plugin Vulnerable versions = 8.8.05.003 Fixed in 8.8.07.004 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9951 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 361cb23fe9c7 Credits Noah...

WordPress Akismet htaccess writer Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Akismet htaccess writer Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-49316 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 909749f57b22 Credits Le Ngoc Anh Required...

WordPress cSlider Plugin <= 2.4.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software cSlider Type Plugin Vulnerable versions = 2.4.2 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-49221 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fee1f2fb0a1b Credits SOPROBRO Required...

WordPress CJ Change Howdy Plugin <= 3.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software CJ Change Howdy Type Plugin Vulnerable versions = 3.3.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-49223 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d1b937179167 Credits SOPROBRO Requir...

WordPress ThemeHunk Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software ThemeHunk Type Plugin Vulnerable versions = 1.1.0 Fixed in 1.1.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8433 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c1773d3ddeac Credits Lucio Sá Required...

WordPress Rank Math SEO Plugin <= 1.0.228 is vulnerable to Broken Access Control

Software Rank Math SEO Type Plugin Vulnerable versions = 1.0.228 Fixed in 1.0.229 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-9161 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID ca30124e345e Credits Leo Required privilege...

WordPress Auto Amazon Links Plugin <= 5.4.2 is vulnerable to Cross Site Scripting (XSS)

Software Auto Amazon Links Type Plugin Vulnerable versions = 5.4.2 Fixed in 5.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9349 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 432d964bd7ed Credits vgo0 Required...

WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.66 is vulnerable to Cross Site Scripting (XSS)

Software ShiftController Employee Shift Scheduling Type Plugin Vulnerable versions = 4.9.66 Fixed in 4.9.67 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9435 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID a5108d6c15b...

WordPress WooCommerce – Store Exporter Plugin <= 2.7.2.1 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce – Store Exporter Type Plugin Vulnerable versions = 2.7.2.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8793 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5baa5a642e95 Credits vgo0...

WordPress DK PDF Plugin <= 1.9.6 is vulnerable to Cross Site Scripting (XSS)

Software DK PDF Type Plugin Vulnerable versions = 1.9.6 Fixed in 1.9.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8727 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID ce80562602cc Credits vgo0 Required privilege...