36 matches found
WordPress YAHMAN Add-ons Plugin <= 0.9.28 is vulnerable to Backdoor
Software YAHMAN Add-ons Type Plugin Vulnerable versions = 0.9.28 Fixed in 0.9.29 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 26c7f39721f9 Credits Sansec.io Required privilege Unauthenticated Published 3 July,...
WordPress Product Customer List for WooCommerce Plugin <= 3.1.6 is vulnerable to Backdoor
Software Product Customer List for WooCommerce Type Plugin Vulnerable versions = 3.1.6 Fixed in 3.1.7 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 23316ac7b932 Credits Sansec.io Required privilege Unauthenticate...
WordPress alfred24 Click & Collect Plugin <= 1.1.7 is vulnerable to Backdoor
Software alfred24 Click & Collect Type Plugin Vulnerable versions = 1.1.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID cf5f2b39e0cf Credits Sansec.io Required privilege Unauthenticated Published 3...
WordPress Word Balloon Plugin <= 4.22.1 is vulnerable to Backdoor
Software Word Balloon Type Plugin Vulnerable versions = 4.22.1 Fixed in 4.22.2 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8a74f733243a Credits Sansec.io Required privilege Unauthenticated Published 3 July, 202...
WordPress CommandBar for WP Admin Plugin <= 1.0.7 is vulnerable to Backdoor
Software CommandBar for WP Admin Type Plugin Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 4ca3d0fa43b1 Credits Sansec.io Required privilege Unauthenticated Published 3...
WordPress Contact Form 7 Multi-Step Addon Plugin <= 1.0.5 is vulnerable to Backdoor
Software Contact Form 7 Multi-Step Addon Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.7 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8aae8a0dc1cb Credits Sansec.io Required privilege Unauthenticated...
WordPress ShipAny Plugin <= 1.1.52 is vulnerable to Backdoor
Software ShipAny Type Plugin Vulnerable versions = 1.1.52 Fixed in 1.1.53 OWASP Top 10 A3: Injection Classification Backdoor CVE N/A Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 3bc0ee8c1578 Credits Sansec.io Required privilege Unauthenticated Published 3 July, 2024...
WordPress Bulk Landing Page Creator for WordPress LPagery Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)
Software Bulk Landing Page Creator for WordPress LPagery Type Plugin Vulnerable versions = 1.2.5 Fixed in 1.2.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 60b86f842956 Credits Rafi...
WordPress WP Logger Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software WP Logger Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID fcdb763b1c53 Credits Rafie Muhammad Patchstack Required privilege...
WordPress Menukaart - Restaurant Menu & Online Ordering with WooCommerce Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)
Software Menukaart - Restaurant Menu & Online Ordering with WooCommerce Type Plugin Vulnerable versions = 1.3 Fixed in 1.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 0dd6733ef2c4...
WordPress BlogPost - BlogPost Widgets - Amazing Blog Layouts Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)
Software BlogPost - BlogPost Widgets - Amazing Blog Layouts Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 694940615fc3 Credits Rafie...
WordPress Spotlight Social Media Feeds Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS)
Software Spotlight Social Media Feeds Type Plugin Vulnerable versions = 1.6 Fixed in 1.6.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 91b8b157c36a Credits Rafie Muhammad Patchstack...
WordPress WordPress Auto SEO Plugin – Upfiv SEO Wizard Plugin <= 1.0.3 is vulnerable to Cross Site Scripting (XSS)
Software WordPress Auto SEO Plugin – Upfiv SEO Wizard Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 2a56c1fca648 Credits Rafie...
WordPress TempTool [Show Current Template Info] Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)
Software TempTool Show Current Template Info Type Plugin Vulnerable versions = 1.1.9 Fixed in 1.1.10 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID bb611e3948a1 Credits Rafie Muhammad...
WordPress UltraAddons Elementor Lite Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)
Software UltraAddons Elementor Lite Type Plugin Vulnerable versions = 1.0.9 Fixed in 1.1.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID d3b08d811ef1 Credits Rafie Muhammad Patchstack...
WordPress Elementor Addon Elements Plugin <= 1.11.16 is vulnerable to Cross Site Scripting (XSS)
Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.11.16 Fixed in 1.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer WPVibes PSID 41872ea94dbe Credits Rafie Muhammad Patchstack Required...
WordPress Backup Bolt Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)
Software Backup Bolt Type Plugin Vulnerable versions = 1.1.3 Fixed in 1.2.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6cdb95fd5dfc Credits Rafie Muhammad Patchstack Required...
WordPress Webba Booking Plugin < 4.5.31 is vulnerable to Cross Site Scripting (XSS)
Software Webba Booking Type Plugin Vulnerable versions 4.5.31 Fixed in 4.5.31 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Webba Plugins PSID 1c913074f660 Credits Rafie Muhammad Patchstack Required...
WordPress Shortcodes Ultimate Plugin <= 5.13.0 is vulnerable to Cross Site Scripting (XSS)
Software Shortcodes Ultimate Type Plugin Vulnerable versions = 5.13.0 Fixed in 5.13.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 568e2ac38f7b Credits Rafie Muhammad Patchstack...
WordPress StreamCast Plugin < 2.1.9 is vulnerable to Cross Site Scripting (XSS)
Software StreamCast Type Plugin Vulnerable versions 2.1.9 Fixed in 2.1.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 86ec05693cb6 Credits Rafie Muhammad Patchstack Required...