WordPress WooCommerce Clover Payment Gateway Plugin <= 1.3.1 is vulnerable to Broken Access Control

Software WooCommerce Clover Payment Gateway Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.3.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-0626 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 06c0aefba99a Credits Francesco...

WordPress Stratum Plugin <= 1.3.15 is vulnerable to Cross Site Scripting (XSS)

Software Stratum Type Plugin Vulnerable versions = 1.3.15 Fixed in 1.3.16 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29914 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3d8d138923e6 Credits Khalid Yusuf Required privilege Contributor...

WordPress SEOPress Plugin <= 7.5.2.1 is vulnerable to Cross Site Scripting (XSS)

Software SEOPress Type Plugin Vulnerable versions = 7.5.2.1 Fixed in 7.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2165 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b92e3ab1041a Credits Ngô Thiên An ancorn - VNPT-VCI ...

WordPress FlatPM Plugin < 3.1.05 is vulnerable to Cross Site Scripting (XSS)

Software FlatPM Type Plugin Vulnerable versions 3.1.05 Fixed in 3.1.05 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29803 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 707de1bb10ec Credits Ngô Thiên An ancorn from VNPT-VCI Required...

WordPress Premium Packages Plugin <= 5.8.2 is vulnerable to Cross Site Scripting (XSS)

Software Premium Packages Type Plugin Vulnerable versions = 5.8.2 Fixed in 5.8.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29924 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fd83d5609f73 Credits Yudistira Arya Required privile...

WordPress Schema Pro Plugin < 2.7.16 is vulnerable to Broken Access Control

Software Schema Pro Type Plugin Vulnerable versions 2.7.16 Fixed in 2.7.16 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1564 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 68dac5194d9b Credits Scott Kingsley Clark Required...

WordPress New RoyalSlider Plugin <= 3.4.2 is vulnerable to Cross Site Scripting (XSS)

Software New RoyalSlider Type Plugin Vulnerable versions = 3.4.2 Fixed in 3.4.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30195 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 586b18a145b1 Credits Rafie Muhammad Patchstack Requir...

WordPress WP Go Maps Plugin <= 9.0.29 is vulnerable to Cross Site Scripting (XSS)

Software WP Go Maps Type Plugin Vulnerable versions = 9.0.29 Fixed in 9.0.30 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29931 Patch priority Medium CVSS severity Medium 7.1 Developer WP Go Maps PSID ec3cfcab7699 Credits Rafie Muhammad Patchstack Required...

WordPress Sunshine Photo Cart Plugin <= 3.1.1 is vulnerable to Cross Site Scripting (XSS)

Software Sunshine Photo Cart Type Plugin Vulnerable versions = 3.1.1 Fixed in 3.1.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30194 Patch priority Medium CVSS severity Medium 7.1 Developer WP Sunshine PSID fc4e8435fb65 Credits Dimas Maulana Required privilege...

WordPress WP Directory Kit Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS)

Software WP Directory Kit Type Plugin Vulnerable versions = 1.2.9 Fixed in 1.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29774 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c316cffe9a7e Credits Dimas Maulana Required privileg...

WordPress Church Admin Plugin <= 4.1.17 is vulnerable to Cross Site Scripting (XSS)

Software Church Admin Type Plugin Vulnerable versions = 4.1.17 Fixed in 4.1.18 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-30193 Patch priority Low CVSS severity Low 6.5 Developer Andy Moyle PSID 239d5fd65793 Credits CatFather Required privilege...

WordPress WCFM – Frontend Manager for WooCommerce Plugin <= 6.7.8 is vulnerable to Cross Site Scripting (XSS)

Software WCFM – Frontend Manager for WooCommerce Type Plugin Vulnerable versions = 6.7.8 Fixed in 6.7.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29929 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 3615c0b97947 Credits Steven Julian...

WordPress Podlove Podcast Publisher Plugin <= 4.0.9 is vulnerable to Cross Site Scripting (XSS)

Software Podlove Podcast Publisher Type Plugin Vulnerable versions = 4.0.9 Fixed in 4.0.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29915 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6b5b45e01eae Credits Dimas Maulana Require...

WordPress Co-marquage service-public.fr Plugin <= 0.5.72 is vulnerable to Cross Site Scripting (XSS)

Software Co-marquage service-public.fr Type Plugin Vulnerable versions = 0.5.72 Fixed in 0.5.73 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29758 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 54a2401a71ec Credits Yudistira Arya...

WordPress Locatoraid Store Locator Plugin <= 3.9.30 is vulnerable to Cross Site Scripting (XSS)

Software Locatoraid Store Locator Type Plugin Vulnerable versions = 3.9.30 Fixed in 3.9.31 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30181 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID f59c57fd908e Credits Joshua Chan Required...

WordPress WordPress Importer Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Importer Type Plugin Vulnerable versions = 1.0.4 Fixed in 1.0.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30201 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 79212c825fed Credits Dimas Maulana Required...

WordPress MyBookTable Bookstore Plugin <= 3.3.7 is vulnerable to Cross Site Scripting (XSS)

Software MyBookTable Bookstore Type Plugin Vulnerable versions = 3.3.7 Fixed in 3.3.8 OWASP Top 10 A1: Broken Access Control Classification Cross Site Scripting XSS CVE CVE-2024-29772 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b4a056c5d251 Credits CatFather Required...

WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Meta Data and Taxonomies Filter MDTF Type Plugin Vulnerable versions = 1.3.2 Fixed in 1.3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29932 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 391da759025d Credits Yudisti...

WordPress Page Builder by SiteOrigin Plugin <= 2.29.6 is vulnerable to Cross Site Scripting (XSS)

Software Page Builder by SiteOrigin Type Plugin Vulnerable versions = 2.29.6 Fixed in 2.29.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2202 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 92274a8f9656 Credits Webbernaut...

WordPress WordPress Meta Data and Taxonomies Filter (MDTF) Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Meta Data and Taxonomies Filter MDTF Type Plugin Vulnerable versions = 1.3.2 Fixed in 1.3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29906 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 19338c850285 Credits...