CVE-2023-47809

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Accordion plugin = 2.6 versions...

CVE-2023-47824

CVE-2023-47824: Cross-Site Request Forgery in WordPress plugin Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator (

CVE-2023-25987

Cross-Site Request Forgery CSRF vulnerability in Aleksandar Urošević My YouTube Channel plugin = 3.23.3 versions...

PT-2023-30631 · WordPress · Tiencop Wp Extra

Name of the Vulnerable Software and Affected Versions: TienCOP WP EXtra plugin versions = 6.4 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web application...

WordPress Plugin AppPresser Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2023-47245

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Marco Milesi ANAC XML Viewer plugin = 1.7 versions...

CVE-2023-47546

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Walter Pinem OneClick Chat to Order plugin = 1.0.4.2 versions...

PT-2023-23892 · Unknown · Brandbrilliance Post State Tags

Name of the Vulnerable Software and Affected Versions: BRANDbrilliance Post State Tags plugin versions 2.0.6 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

PT-2023-23632 · Unknown · Daniel Powney Multi Rating

Name of the Vulnerable Software and Affected Versions: Daniel Powney Multi Rating plugin versions 5.0.6 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended action...

PT-2023-30132 · Unknown · D. Relton Medialist Plugin

Name of the Vulnerable Software and Affected Versions: D. Relton Medialist plugin versions = 1.3.9 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability allows an attacker to inject malicious scripts into the website, potentially leading to...

CVE-2023-28499

Auth. author+ Stored Cross-Site Scripting XSS vulnerability in simonpedge Slide Anything – Responsive Content / HTML Slider and Carousel plugin = 2.4.9 versions...

CVE-2023-46777

Cross-Site Request Forgery CSRF vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin = 1.1.3 versions...

CVE-2023-47182

Cross-Site Request Forgery CSRF leading to a Stored Cross-Site Scripting XSS vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin = 3.5.2 versions...

CVE-2023-46093

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in LionScripts.Com Webmaster Tools plugin = 2.0 versions...

CVE-2023-46198

Cross-Site Request Forgery CSRF vulnerability in Scientech It Solution Appointment Calendar plugin = 2.9.6 versions...

CVE-2023-45772

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Scribit Proofreading plugin = 1.0.11 versions...

PT-2023-29724 · Xydac · Xydac Ultimate Taxonomy Manager Plugin

Name of the Vulnerable Software and Affected Versions: XYDAC Ultimate Taxonomy Manager plugin versions = 2.0 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This vulnerability allows for the execution of malicious scripts on a user's browser,...

PT-2023-29897 · Scientech It Solution · Scientech It Solution Appointment Calendar

Name of the Vulnerable Software and Affected Versions: Scientech It Solution Appointment Calendar plugin versions = 2.9.6 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...

PT-2023-29680 · Unknown · Wokamoto Simple Tweet

Name of the Vulnerable Software and Affected Versions: Wokamoto Simple Tweet plugin versions = 1.4.0.2 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. This vulnerability allows an attacker to inject maliciou...

PT-2023-23238 · Mytechtalky · Mytechtalky User Location/Ip Plugin

Name of the Vulnerable Software and Affected Versions: MyTechTalky User Location and IP plugin versions 1.6 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited by contributors or users with higher authentication...