WordPress Seriously Simple Podcasting Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)

Software Seriously Simple Podcasting Type Plugin Vulnerable versions = 3.5.0 Fixed in 3.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9667 Patch priority Medium CVSS severity Medium 7.1 Developer Castos PSID 0de852fa37f5 Credits Webbernaut...

WordPress Loginplus Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)

Software Loginplus Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51782 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3789effcd64f Credits Mika Required privilege Unauthenticated...

WordPress WP-Basics Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)

Software WP-Basics Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51703 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 01450775b356 Credits João Pedro S Alcântara Kinorth Required...

WordPress WP Visual Adverts Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)

Software WP Visual Adverts Type Plugin Vulnerable versions = 2.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51707 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6941a74fa9c3 Credits João Pedro S Alcântara Kinorth...

WordPress Don't Break The Code Plugin <= .3.1 is vulnerable to Cross Site Scripting (XSS)

Software Don't Break The Code Type Plugin Vulnerable versions = .3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51779 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e5611bdb41d7 Credits João Pedro S Alcântara Kinorth...

WordPress Buooy Sticky Header Plugin <= 0.5.2 is vulnerable to Cross Site Scripting (XSS)

Software Buooy Sticky Header Type Plugin Vulnerable versions = 0.5.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51699 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 69b828628d74 Credits João Pedro S Alcântara Kinorth...

WordPress Conversion Helper Plugin <= 1.12 is vulnerable to Cross Site Scripting (XSS)

Software Conversion Helper Type Plugin Vulnerable versions = 1.12 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-10676 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 008d9a851e15 Credits João Pedro S Alcântara Kinorth...

WordPress UW Freelancer Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS)

Software UW Freelancer Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51706 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dbafd19742b3 Credits João Pedro S Alcântara Kinorth Require...

WordPress Loginizer Security Plugin <= 1.9.2 is vulnerable to Broken Authentication

Software Loginizer Security Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10097 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 39d130db7003 Credits...

WordPress Satisfaction Reports from Help Scout Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Satisfaction Reports from Help Scout Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51778 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cf60abd46d51 Credits thiennv...

WordPress Content Syndication Toolkit Reader Plugin <= 1.5 is vulnerable to Cross Site Scripting (XSS)

Software Content Syndication Toolkit Reader Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51696 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4c15b730abc5 Credits João Pedro S...

WordPress Jigoshop – Store Toolkit Plugin <= 1.4.0 is vulnerable to Cross Site Scripting (XSS)

Software Jigoshop – Store Toolkit Type Plugin Vulnerable versions = 1.4.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51712 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 84e860833836 Credits Zlrqh Required privilege...

WordPress Geotagged Media Plugin <= 0.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Geotagged Media Type Plugin Vulnerable versions = 0.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51694 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4b066fa172bd Credits João Pedro S Alcântara Kinorth...

WordPress Paytium Plugin <= 4.4.10 is vulnerable to Broken Access Control

Software Paytium Type Plugin Vulnerable versions = 4.4.10 Fixed in 4.4.11 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-51667 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f67b49ade6f3 Credits Trương Hữu Phúc truonghuuphuc...

WordPress JS Help Desk – Best Help Desk & Support Plugin Plugin <= 2.8.7 is vulnerable to Cross Site Scripting (XSS)

Software JS Help Desk – Best Help Desk & Support Plugin Type Plugin Vulnerable versions = 2.8.7 Fixed in 2.8.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51670 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ac0a5665f555 Credits casol...

WordPress W3P SEO Plugin < 1.8.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software W3P SEO Type Plugin Vulnerable versions 1.8.6 Fixed in 1.8.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-51684 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 58f497ee049b Credits SOPROBRO Required privilege...

WordPress Appointmind Plugin <= 4.0.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Appointmind Type Plugin Vulnerable versions = 4.0.0 Fixed in 4.1.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-51679 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 55eaeba7d578 Credits SOPROBRO Required...

WordPress BetterLinks Plugin <= 2.1.7 is vulnerable to SQL Injection

Software BetterLinks Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-51672 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 159a4550c364 Credits Marek Mikita Required privilege Administrator Publish...

WordPress Otter - Gutenberg Block Plugin <= 3.0.3 is vulnerable to Broken Access Control

Software Otter - Gutenberg Block Type Plugin Vulnerable versions = 3.0.3 Fixed in 3.0.4 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-51671 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID 1f22a7b87ab8 Credits Rafie Muhammad...

WordPress Accordion title for Elementor Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Accordion title for Elementor Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51685 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 52950207abc4 Credits Michael Required privile...