CVE-2023-32957

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Dazzlersoft Team Members Showcase plugin = 1.3.4 versions...

CVE-2023-47509

CVE-2023-47509: Unauthenticated Reflected XSS in ioannup Edit WooCommerce Templates plugin (

VulnCheck KEV: CVE-2019-5128

A command injection have been found in YouPHPTube Encoder. A successful attack could allow an attacker to compromise the server. Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube. The parameter base64Url in...

CVE-2023-47653 WordPress TWB Woocommerce Reviews Plugin <= 1.7.5 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Abu Bakar TWB Woocommerce Reviews plugin = 1.7.5 versions...

CVE-2023-47673

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Stefano Ottolenghi Post Pay Counter plugin = 2.784 versions...

PT-2023-21129 · Unknown · Gl Spice New Adman Plugin

Name of the Vulnerable Software and Affected Versions: gl SPICE New Adman plugin versions = 1.6.8 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

CVE-2023-32093

Cross-Site Request Forgery CSRF vulnerability in Criss Swaim TPG Redirect plugin = 1.0.7 versions...

CVE-2023-31088

Cross-Site Request Forgery CSRF vulnerability in Faraz Quazi Floating Action Button plugin = 1.2.1 versions...

CVE-2023-32744

Cross-Site Request Forgery CSRF vulnerability in WooCommerce Product Recommendations plugin = 2.3.0 versions...

CVE-2023-47227

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Web-Settler Social Feed | All social media in one place plugin = 1.5.4.6 versions...

CVE-2023-47226

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Post Sliders & Post Grids plugin = 1.0.20 versions...

CVE-2023-46643

Unauth. Reflected Cross-Site Scripting XSS vulnerability in GARY JEZORSKI CloudNet360 plugin = 3.2.0 versions...

PT-2023-32354 · WordPress · Thumbnail Carousel Slider Plugin

Name of the Vulnerable Software and Affected Versions: Thumbnail carousel slider plugin for WordPress version 1.0 Description: The issue is due to missing nonce validation on the deleteselected function, making it possible for unauthenticated attackers to delete sliders in bulk via a forged reque...

CVE-2023-45759

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Peter Keung Peter’s Custom Anti-Spam plugin = 3.2.2 versions...

CVE-2023-45767

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wokamoto Simple Tweet plugin = 1.4.0.2 versions...

CVE-2023-45768

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Stephanie Leary Next Page plugin = 1.5.2 versions...

CVE-2023-45758

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marco Milesi Amministrazione Trasparente plugin = 8.0.2 versions...

CVE-2023-45646

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Henryholtgeerts PDF Block plugin = 1.1.0 versions...

PT-2023-29670 · WordPress · Easy Testimonial Slider/Form

Name of the Vulnerable Software and Affected Versions: Easy Testimonial Slider and Form versions 1.0.18 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can...

PT-2023-29722 · Libsyn · Libsyn Publisher Hub

Name of the Vulnerable Software and Affected Versions: Libsyn Libsyn Publisher Hub plugin versions 1.4.4 and earlier Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a...