5093 matches found
WordPress Photo Gallery by 10Web Plugin <= 1.8.30 is vulnerable to Cross Site Scripting (XSS)
Software Photo Gallery by 10Web Type Plugin Vulnerable versions = 1.8.30 Fixed in 1.8.31 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9878 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e0cf77477c6f Credits tmrswrr Require...
WordPress Seriously Simple Podcasting Plugin <= 3.5.0 is vulnerable to Cross Site Scripting (XSS)
Software Seriously Simple Podcasting Type Plugin Vulnerable versions = 3.5.0 Fixed in 3.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9667 Patch priority Medium CVSS severity Medium 7.1 Developer Castos PSID 0de852fa37f5 Credits Webbernaut...
WordPress Loginplus Plugin <= 1.2 is vulnerable to Cross Site Scripting (XSS)
Software Loginplus Type Plugin Vulnerable versions = 1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51782 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 3789effcd64f Credits Mika Required privilege Unauthenticated...
WordPress Don't Break The Code Plugin <= .3.1 is vulnerable to Cross Site Scripting (XSS)
Software Don't Break The Code Type Plugin Vulnerable versions = .3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51779 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e5611bdb41d7 Credits João Pedro S Alcântara Kinorth...
WordPress Satisfaction Reports from Help Scout Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)
Software Satisfaction Reports from Help Scout Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51778 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID cf60abd46d51 Credits thiennv...
WordPress Conversion Helper Plugin <= 1.12 is vulnerable to Cross Site Scripting (XSS)
Software Conversion Helper Type Plugin Vulnerable versions = 1.12 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-10676 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 008d9a851e15 Credits João Pedro S Alcântara Kinorth...
WordPress Simple Modal Plugin <= 0.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Simple Modal Type Plugin Vulnerable versions = 0.3.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51718 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 97fa1290c928 Credits João Pedro S Alcântara Kinorth Requir...
WordPress Jigoshop – Store Toolkit Plugin <= 1.4.0 is vulnerable to Cross Site Scripting (XSS)
Software Jigoshop – Store Toolkit Type Plugin Vulnerable versions = 1.4.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51712 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 84e860833836 Credits Zlrqh Required privilege...
WordPress Saragna Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software Saragna Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51711 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 521f5ad254b7 Credits João Pedro S Alcântara Kinorth Required...
WordPress WP Visual Adverts Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)
Software WP Visual Adverts Type Plugin Vulnerable versions = 2.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51707 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6941a74fa9c3 Credits João Pedro S Alcântara Kinorth...
WordPress UW Freelancer Plugin <= 0.1 is vulnerable to Cross Site Scripting (XSS)
Software UW Freelancer Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51706 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dbafd19742b3 Credits João Pedro S Alcântara Kinorth Require...
WordPress WP-Basics Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)
Software WP-Basics Type Plugin Vulnerable versions = 2.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51703 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 01450775b356 Credits João Pedro S Alcântara Kinorth Required...
WordPress Buooy Sticky Header Plugin <= 0.5.2 is vulnerable to Cross Site Scripting (XSS)
Software Buooy Sticky Header Type Plugin Vulnerable versions = 0.5.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51699 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 69b828628d74 Credits João Pedro S Alcântara Kinorth...
WordPress Geotagged Media Plugin <= 0.3.0 is vulnerable to Cross Site Scripting (XSS)
Software Geotagged Media Type Plugin Vulnerable versions = 0.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51694 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4b066fa172bd Credits João Pedro S Alcântara Kinorth...
WordPress Content Syndication Toolkit Reader Plugin <= 1.5 is vulnerable to Cross Site Scripting (XSS)
Software Content Syndication Toolkit Reader Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51696 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4c15b730abc5 Credits João Pedro S...
WordPress WooCommerce Social Login Plugin <= 2.7.7 is vulnerable to Broken Authentication
Software WooCommerce Social Login Type Plugin Vulnerable versions = 2.7.7 Fixed in 2.7.8 OWASP Top 10 A7: Identification and Authentication Failures Classification Broken Authentication CVE CVE-2024-10114 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 36095483e627 Credi...
WordPress BookingPress Plugin <= 1.1.16 is vulnerable to SQL Injection
Software BookingPress Type Plugin Vulnerable versions = 1.1.16 Fixed in 1.1.17 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-10540 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID ae4b89138a08 Credits Arkadiusz Hydzik Required privilege Subscriber...
WordPress Accordion title for Elementor Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Software Accordion title for Elementor Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51685 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 52950207abc4 Credits Michael Required privile...
WordPress W3P SEO Plugin < 1.8.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software W3P SEO Type Plugin Vulnerable versions 1.8.6 Fixed in 1.8.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-51684 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 58f497ee049b Credits SOPROBRO Required privilege...
WordPress Appointmind Plugin <= 4.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software Appointmind Type Plugin Vulnerable versions = 4.0.0 Fixed in 4.1.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-51679 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 55eaeba7d578 Credits SOPROBRO Required...