CVE-2023-40557 WordPress Tabs & Accordion plugin <= 1.3.10 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in PickPlugins Tabs & Accordion allows Code Injection.This issue affects Tabs & Accordion: from n/a through 1.3.10...

CVE-2023-40557 WordPress Tabs & Accordion plugin <= 1.3.10 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in PickPlugins Tabs & Accordion allows Code Injection.This issue affects Tabs & Accordion: from n/a through 1.3.10...

CVE-2024-32816

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid.This issue affects Post Grid: from n/a through 2.2.78...

CVE-2024-32816 WordPress Combo Blocks plugin <= 2.2.78 - Sensitive Data Exposure via API vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid.This issue affects Post Grid: from n/a through 2.2.78...

CVE-2024-32816 WordPress Combo Blocks plugin <= 2.2.78 - Sensitive Data Exposure via API vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PickPlugins Post Grid.This issue affects Post Grid: from n/a through 2.2.78...

CVE-2024-32816

Technical details about CVE-2024-32816 (PickPlugins Post Grid) are not publicly provided in the supplied documents. Monitor for updates from official advisories and vendor disclosures before assessing risk or mitigations.

CVE-2024-31277

Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue affects Product Designer: from n/a through 1.0.32...

CVE-2024-31277

CVE-2024-31277 affects PickPlugins Product Designer (WordPress plugin) up to version 1.0.32. Root cause: Deserialization of untrusted data leading to unauthenticated PHP Object Injection. Impact: potential compromise of data integrity and confidentiality as indicated by CVSS, with unauthenticated...

CVE-2024-31277 WordPress Product Designer plugin <= 1.0.32 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue affects Product Designer: from n/a through 1.0.32...

CVE-2024-31277 WordPress Product Designer plugin <= 1.0.32 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in PickPlugins Product Designer.This issue affects Product Designer: from n/a through 1.0.32...

CVE-2024-30441

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Post Grid allows Reflected XSS.This issue affects Post Grid: from n/a through 2.2.74...

CVE-2024-30441

Technical details (affected product versions, root cause, exploit viability, and remediation) are not publicly disclosed in the provided documents; monitor for updates.

CVE-2024-30441 WordPress Combo Blocks plugin <= 2.2.74 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Post Grid allows Reflected XSS.This issue affects Post Grid: from n/a through 2.2.74...

PT-2024-23369 · Pickplugins · Pickplugins Post Grid

Name of the Vulnerable Software and Affected Versions: PickPlugins Post Grid versions through 2.2.74 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This means that an attacker can...

CVE-2024-29097

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins User profile allows Stored XSS.This issue affects User profile: from n/a through 2.0.20...

CVE-2024-29097 WordPress User profile plugin <= 2.0.20 - Subscriber+ Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins User profile allows Stored XSS.This issue affects User profile: from n/a through 2.0.20...

CVE-2024-29097

CVE-2024-29097 is a Stored XSS in PickPlugins User profile for WordPress caused by improper input neutralization during page generation. Affected versions: up to and including 2.0.20. Public advisories (Red Hat, Wordfence) confirm the issue and indicate a patch has been issued, but the exact patc...

PT-2024-22717 · Pickplugins · Pickplugins User Profile

Name of the Vulnerable Software and Affected Versions: PickPlugins User profile versions n/a through 2.0.20 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS in the User profile...

CVE-2023-51666

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Related Post allows Stored XSS.This issue affects Related Post: from n/a through 2.0.53...

CVE-2023-51666

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Related Post allows Stored XSS.This issue affects Related Post: from n/a through 2.0.53...