5093 matches found
WordPress EventPress Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software EventPress Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51861 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f2952d5f238c Credits SOPROBRO Required privilege Contributor...
WordPress WoW Guild Armory Roster Plugin <= 0.5.5 is vulnerable to Cross Site Scripting (XSS)
Software WoW Guild Armory Roster Type Plugin Vulnerable versions = 0.5.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51850 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 56dc451178b5 Credits SOPROBRO Required privilege...
WordPress Redirecter Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software Redirecter Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51855 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID dfdafabcd66b Credits SOPROBRO Required privilege Contributor Publish...
WordPress Image Carousel Shortcode Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)
Software Image Carousel Shortcode Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51842 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 38ccc7d0aa04 Credits Gab Required privilege Contributo...
WordPress BU Slideshow Plugin <= 2.3.10 is vulnerable to Cross Site Scripting (XSS)
Software BU Slideshow Type Plugin Vulnerable versions = 2.3.10 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52351 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 35f550f0aa07 Credits SOPROBRO Required privilege Contributor...
WordPress OSM – OpenStreetMap Plugin <= 6.1.2 is vulnerable to Cross Site Scripting (XSS)
Software OSM – OpenStreetMap Type Plugin Vulnerable versions = 6.1.2 Fixed in 6.1.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52355 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 68bca5f9bb55 Credits Junwoo Kang Required privilege...
WordPress IA Map Analytics Basic Plugin <= 20170413 is vulnerable to Cross Site Scripting (XSS)
Software IA Map Analytics Basic Type Plugin Vulnerable versions = 20170413 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51937 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4ee8dd041e2f Credits SOPROBRO Required privilege...
WordPress Custom URL Shortener Plugin <= 0.3.6 is vulnerable to Cross Site Scripting (XSS)
Software Custom URL Shortener Type Plugin Vulnerable versions = 0.3.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51930 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 721373a7389e Credits SOPROBRO Required privilege...
WordPress GreenCon Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)
Software GreenCon Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51926 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 8a0742eb73fa Credits Gab Required privilege Contributor Published 8...
WordPress Pro Addons For Elementor Plugin <= 1.5.0 is vulnerable to Cross Site Scripting (XSS)
Software Pro Addons For Elementor Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51812 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b0c22c1328af Credits Gab Required privilege...
WordPress Anant Addons for Elementor Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS)
Software Anant Addons for Elementor Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51813 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a1918ff11f57 Credits Gab Required privilege...
WordPress Trendy Restaurant Menu Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Trendy Restaurant Menu Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51796 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5538c79e9ace Credits SOPROBRO Required privilege...
WordPress Adventure Bucket List Plugin <= 1.0.9 is vulnerable to Cross Site Scripting (XSS)
Software Adventure Bucket List Type Plugin Vulnerable versions = 1.0.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51908 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5a843ca67ed0 Credits SOPROBRO Required privilege...
WordPress Wp-ImageZoom Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software Wp-ImageZoom Type Plugin Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9934 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 48857c949d4e Credits Mohammad Nikouei Requir...
WordPress JobSearch Plugin <= 2.6.7 is vulnerable to Arbitrary File Upload
Software JobSearch Type Plugin Vulnerable versions = 2.6.7 Fixed in 2.6.8 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-8615 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 46ee6cd9f962 Credits Tonn Required privilege Unauthenticated Publish...
WordPress Heateor Social Login Plugin <= 1.1.35 is vulnerable to Broken Authentication
Software Heateor Social Login Type Plugin Vulnerable versions = 1.1.35 Fixed in 1.1.36 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10020 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 0cb2e3c4d2f1 Credits...
WordPress Super Socializer Plugin <= 7.13.68 is vulnerable to Broken Authentication
Software Super Socializer Type Plugin Vulnerable versions = 7.13.68 Fixed in 7.14 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-9946 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 3feff8ece72e Credits wesle...
WordPress Contact Form 7 Dynamic Text Extension Plugin <= 4.5 is vulnerable to Sensitive Data Exposure
Software Contact Form 7 Dynamic Text Extension Type Plugin Vulnerable versions = 4.5 Fixed in 4.5.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-10084 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 4a8f9f7ebcd8 Credits...
WordPress Contest Gallery Plugin <= 24.0.3 is vulnerable to SQL Injection
Software Contest Gallery Type Plugin Vulnerable versions = 24.0.3 Fixed in 24.0.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-10687 Patch priority High CVSS severity High 9.3 Developer Wasiliy Strecker PSID 3e91b10a855a Credits shaman0x01 Required privilege Unauthenticate...
WordPress Loginizer Security Plugin <= 1.9.2 is vulnerable to Broken Authentication
Software Loginizer Security Type Plugin Vulnerable versions = 1.9.2 Fixed in 1.9.3 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10097 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 39d130db7003 Credits...