CVE-2023-27613

Unauth. Reflected Cross-Site Scripting XSS vulnerability in MonitorClick Forms Ada – Form Builder plugin = 1.0 versions...

CVE-2023-33315

Cross-Site Request Forgery CSRF vulnerability in Stephen Darlington, Wandle Software Limited Smart App Banner plugin = 1.1.2 versions...

CVE-2023-25976

Cross-Site Request Forgery CSRF vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin = 1.2.2 versions...

CVE-2023-25781

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Sebastian Krysmanski Upload File Type Settings plugin = 1.1 versions...

PT-2023-22146 · Artistscope · Artistscope Copysafe Web Protection

Name of the Vulnerable Software and Affected Versions: ArtistScope CopySafe Web Protection plugin versions = 3.13 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially...

CVE-2022-38356

Cross-Site Request Forgery CSRF vulnerability in StylemixThemes WordPress Header Builder Plugin – Pearl plugin = 1.3.4 versions...

WordPress plugin CoSchedule 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

PT-2023-15076 · WordPress · Brainstorm Force Starter Templates

Name of the Vulnerable Software and Affected Versions: Brainstorm Force Starter Templates plugin versions = 3.1.20 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions...

CVE-2023-24414

Cross-Site Request Forgery CSRF vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin = 3.2.11 versions...

CVE-2023-2715

The Groundhogg plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submitticket' function in versions up to, and including, 2.7.9.8. This makes it possible for authenticated attackers to create a support ticket that sends the website's...

CVE-2023-23641

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WPmanage Uji Popup plugin = 1.4.3 versions...

CVE-2023-22706

Unauth. Reflected Cross-Site Scripting XSS vulnerability in PropertyHive plugin = 1.5.48 versions...

CVE-2023-23683

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Ozan Canakli White Label Branding for Elementor Page Builder plugin = 1.0.2 versions...

PT-2023-18660 · Unknown · Ncrafts Formcraft

Name of the Vulnerable Software and Affected Versions: nCrafts FormCraft plugin versions 1.2.6 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited by contributors or users with higher authentication levels. The...

CVE-2022-27856

Auth. editor+ Stored Cross-Site Scripting XSS vulnerability in Atlas Gondal Export All URLs plugin = 4.1 versions...

CVE-2023-30746

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Booqable Rental Software Booqable Rental plugin = 2.4.15 versions...

CVE-2023-24418

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Gopi Ramasamy Tiny carousel horizontal slider plus plugin = 3.2 versions...

CVE-2023-23812

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Joost de Valk Enhanced WP Contact Form plugin = 2.2.3 versions...

CVE-2023-24372

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in USB Memory Direct Simple Custom Author Profiles plugin = 1.0.0 versions...

CVE-2023-23647 WordPress Team Member Plugin <= 4.4 is vulnerable to Cross Site Scripting (XSS)

Auth. author+ Stored Cross-Site Scripting XSS vulnerability in Sk. Abul Hasan Team Member – Team with Slider plugin = 4.4 versions...