PT-2023-22971 · Blubrry · Blubrry Powerpress Podcasting Plugin
Name of the Vulnerable Software and Affected Versions: Blubrry PowerPress Podcasting plugin versions = 10.0.1
Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that affects the Blubrry PowerPress Podcasting plugin. This vulnerability can be exploited by...
PT-2023-19270 · Unknown · Webdzier Button
Name of the Vulnerable Software and Affected Versions: Webdzier Button plugin versions = 1.1.23
Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. This vulnerability affects the Webdzier Button plugin...
PT-2023-19552 · Spider Teams · Spider Teams Applyonline Plugin
Name of the Vulnerable Software and Affected Versions: Spider Teams ApplyOnline plugin versions = 2.5
Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges. This vulnerability affects the Spider Teams ApplyOnline...
Exploit for Open Redirect in King-Theme Kingcomposer
CVE-2022-0165 - Page Builder KingComposer WordPress Plugin - I...
PT-2023-23705 · Getbutton.Io · Getbutton Chat Button
Name of the Vulnerable Software and Affected Versions: GetButton Chat Button by GetButton.Io plugin versions 1.8.9.4 and earlier
Description: The issue is related to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker with admin privileges can inject...
PT-2023-26229 · WordPress · Wpkube Authors List
Name of the Vulnerable Software and Affected Versions: WPKube Authors List plugin versions = 2.0.2
Description: The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentiall...
PT-2023-26228 · WordPress · Gravity Master Custom Field For Wp Job Manager
Name of the Vulnerable Software and Affected Versions: Gravity Master Custom Field For WP Job Manager plugin versions = 1.1
Description: The issue is related to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker with admin+ privileges can inject malicious...
PT-2023-20091 · Unknown · Miro Mannino Flickr Justified Gallery
Name of the Vulnerable Software and Affected Versions: Miro Mannino Flickr Justified Gallery plugin versions = 3.5
Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions...
PT-2023-14773 · Nootheme · Noo Timetable
Name of the Vulnerable Software and Affected Versions: NooTheme Noo Timetable plugin versions = 2.1.3
Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...
PT-2023-19886 · WordPress · Ankit Social Media Icons Widget
Name of the Vulnerable Software and Affected Versions: a.Ankit Social Media Icons Widget plugin versions 1.6 and earlier
Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...
PT-2023-24624 · Unknown · Etoile Web Design Front End Users
Name of the Vulnerable Software and Affected Versions: Etoile Web Design Front End Users plugin versions prior to 3.2.25
Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This means an attacker could potentially trick a user into performing unintended actions o...
PT-2023-20259 · WordPress · Pagup Wordpress Robots.Txt Optimization Plugin
Name of the Vulnerable Software and Affected Versions: Pagup WordPress Robots.Txt optimization plugin versions 1.4.5 and earlier
Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing...
PT-2023-23447 · WordPress · Ai Chatbot
Name of the Vulnerable Software and Affected Versions: AI ChatBot WordPress plugin versions prior to 4.6.1
Description: The issue allows high-privilege users, such as admins, to perform Cross-Site Scripting attacks. This is possible because the plugin does not adequately escape some settings, eve...
PT-2023-19268 · Amit Agarwal · Google Xml Sitemap For Mobile
Name of the Vulnerable Software and Affected Versions: Amit Agarwal Google XML Sitemap for Mobile plugin versions = 1.6.1
Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This means an attacker could potentially trick a user into performing unintended actions ...
PT-2023-22148 · Dream Theme · The7
Name of the Vulnerable Software and Affected Versions: Dream-Theme The7 plugin versions prior to 11.6.0
Description: The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This allows for malicious scripts to be injected into a website, potentially leading to...
PT-2023-24636 · Unknown · Andy Moyle Church Admin
Name of the Vulnerable Software and Affected Versions: Andy Moyle Church Admin plugin versions 3.7.29 and earlier
Description: The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This allows for malicious scripts to be injected into websites, potentially leading t...
PT-2023-24708 · WordPress · Wp Overnight Quick/Bulk Order Form For Woocommerce
Name of the Vulnerable Software and Affected Versions: WP Overnight Quick/Bulk Order Form for WooCommerce plugin versions = 3.5.7
Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges.
Recommendations: For WP...
PT-2023-21121 · WordPress · Wpsimpletools Manage Upload Limit
Name of the Vulnerable Software and Affected Versions: WpSimpleTools Manage Upload Limit plugin versions 1.0.4 and earlier
Description: The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This vulnerability allows for reflected cross-site scripting attacks without...
PT-2023-25306 · Seed Webs · Seed Webs Seed Fonts Plugin
Name of the Vulnerable Software and Affected Versions: Seed Webs Seed Fonts plugin versions prior to 2.3.1
Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability that requires authentication with admin+ privileges.
Recommendations: For versions prior to 2.3.1, update...
PT-2023-24033 · WordPress · One Rank Math Seo Pro
Name of the Vulnerable Software and Affected Versions: One Rank Math SEO PRO plugin versions = 3.0.35
Description: The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing the...