1698 matches found
CVE-2023-28533
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in M Williams Cab Grid plugin = 1.5.15 versions...
CVE-2023-30786
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Benjamin Guy Captcha Them All plugin = 1.3.3 versions...
CVE-2023-30784
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Kaya Studio Kaya QR Code Generator plugin = 1.5.2 versions...
CVE-2023-30489
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Email Subscription Popup plugin = 1.2.16 versions...
CVE-2023-28535
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Paytm Paytm Payment Donation plugin = 2.2.0 versions...
CVE-2023-37983
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Noël Jackson Art Direction plugin = 0.2.4 versions...
CVE-2023-23871
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Webdzier Button plugin = 1.1.23 versions...
PT-2023-25940 · WordPress · Sudipto Pratap Mahato Simple Light Weight Social Share
Name of the Vulnerable Software and Affected Versions: Sudipto Pratap Mahato Simple Light Weight Social Share plugin versions = 2.0 Description: The issue is related to an Authenticated Stored Cross-Site Scripting XSS vulnerability. This means that an attacker with admin+ privileges can inject...
CVE-2023-23877 WordPress Pinterest RSS Widget Plugin <= 2.3.1 is vulnerable to Cross Site Scripting (XSS)
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in bkmacdaddy designs Pinterest RSS Widget plugin = 2.3.1 versions...
CVE-2023-37873
Unauth. Reflected Cross-Site Scripting XSS vulnerability in WooCommerce Shipping Multiple Addresses plugin = 3.8.5 versions...
CVE-2023-37974
Cross-Site Request Forgery CSRF vulnerability in Justin Klein WP Social AutoConnect plugin = 4.6.1 versions...
CVE-2023-37961
A cross-site request forgery CSRF vulnerability in Jenkins Assembla Auth Plugin 1.14 and earlier allows attackers to trick users into logging in to the attacker's account...
CVE-2023-37954
A cross-site request forgery CSRF vulnerability in Jenkins Rebuilder Plugin 320.v5a0933ae7d61 and earlier allows attackers to rebuild a previous build...
CVE-2023-36517
Cross-Site Request Forgery CSRF vulnerability in Kevon Adonis WP Abstracts plugin = 2.6.2 versions...
CVE-2023-25468
Cross-Site Request Forgery CSRF vulnerability in Reservation.Studio Reservation.Studio widget plugin = 1.0.11 versions...
PT-2023-19556 · WordPress · Scott Paterson Contact Form 7 Redirect & Thank You Page
Name of the Vulnerable Software and Affected Versions: Scott Paterson Contact Form 7 Redirect & Thank You Page plugin versions = 1.0.3 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing...
WordPress plugin Social Login and Register 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in WordPres...
PT-2023-22141 · Pi Websolution · Pi Websolution Conditional Cart Fee Plugin
Name of the Vulnerable Software and Affected Versions: PI Websolution Conditional cart fee plugin versions 1.0.96 and earlier Description: The issue is related to improper neutralization of input during web page generation, which can lead to Cross-site Scripting. Recommendations: For PI Websoluti...
CVE-2023-27452
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wow-Company Button Generator – easily Button Builder plugin = 2.3.3 versions...
PT-2023-21759 · WordPress · Smtp2Go – Email Made Easy
Name of the Vulnerable Software and Affected Versions: SMTP2GO – Email Made Easy plugin versions = 1.4.2 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For SMTP2GO – Email Made Easy plugin...