WordPress Specific Content For Mobile – Customize the mobile version without redirections Plugin <= 0.1.9.5 is vulnerable to Cross Site Scripting (XSS)

Software Specific Content For Mobile – Customize the mobile version without redirections Type Plugin Vulnerable versions = 0.1.9.5 Fixed in 0.1.9.6 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29126 Patch priority Medium CVSS severity Medium 7.1 Developer Claim...

WordPress Advanced Access Manager Plugin <= 6.9.20 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Access Manager Type Plugin Vulnerable versions = 6.9.20 Fixed in 6.9.21 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29124 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID bab97a68bf4d Credits Delbert Giovanni Lie Require...

WordPress WooCommerce Google Feed Manager Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Google Feed Manager Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29112 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a47ab0c3a92d Credits Joshua Chan Required...

WordPress Sitekit Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS)

Software Sitekit Type Plugin Vulnerable versions = 1.6 Fixed in 1.7 OWASP Top 10 A1: Broken Access Control Classification Cross Site Scripting XSS CVE CVE-2024-29111 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c6b957dd4df3 Credits CatFather Required privilege Contribut...

WordPress RegistrationMagic Plugin <= 5.2.5.9 is vulnerable to Cross Site Scripting (XSS)

Software RegistrationMagic Type Plugin Vulnerable versions = 5.2.5.9 Fixed in 5.2.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29113 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID b3c2c9a16dfd Credits Yudistira Arya Required...

WordPress Advanced Access Manager Plugin <= 6.9.20 is vulnerable to Cross Site Scripting (XSS)

Software Advanced Access Manager Type Plugin Vulnerable versions = 6.9.20 Fixed in 6.9.21 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29127 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 31ea026b43aa Credits Rafie Muhammad...

WordPress Premium Addons for Elementor Plugin <= 4.10.16 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.16 Fixed in 4.10.17 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29106 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID 89d8d110c101 Credits Khalid Yusuf Required...

WordPress Extensions For CF7 Plugin <= 3.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Extensions For CF7 Type Plugin Vulnerable versions = 3.0.6 Fixed in 3.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29102 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 67b6a4990cc0 Credits RE-ALTER Required privilege...

WordPress WP Calameo Plugin <= 2.1.7 is vulnerable to Cross Site Scripting (XSS)

Software WP Calameo Type Plugin Vulnerable versions = 2.1.7 Fixed in 2.1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29098 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID e6c0b84991b1 Credits Ray Wilson Required privilege Contributor...

WordPress HT Easy GA4 ( Google Analytics 4 ) Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Software HT Easy GA4 Google Analytics 4 Type Plugin Vulnerable versions = 1.1.7 Fixed in 1.1.8 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29094 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 8f8e72c6e71d Credits Yudistira Arya...

WordPress Site Reviews Plugin <= 6.11.6 is vulnerable to Cross Site Scripting (XSS)

Software Site Reviews Type Plugin Vulnerable versions = 6.11.6 Fixed in 6.11.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29095 Patch priority Low CVSS severity Low 5.9 Developer Gemini Labs PSID ea55e6cb50a9 Credits isacaya Required privilege Author Published...

WordPress SupportCandy Plugin <= 3.2.3 is vulnerable to Cross Site Scripting (XSS)

Software SupportCandy Type Plugin Vulnerable versions = 3.2.3 Fixed in 3.2.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27991 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 64d8fa37173c Credits Mochamad Sofyan Required privilege...

WordPress ARMember Plugin <= 4.0.23 is vulnerable to Cross Site Scripting (XSS)

Software ARMember Type Plugin Vulnerable versions = 4.0.23 Fixed in 4.0.24 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27995 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a530dd76b60e Credits Van Lyubov Required privilege Administrator...

WordPress Database for Contact Form 7 Plugin <= 3.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Database for Contact Form 7 Type Plugin Vulnerable versions = 3.0.6 Fixed in 3.0.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29103 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 1d2cfc35a61d Credits RE-ALTER Required...

WordPress MJM Clinic Plugin <= 1.1.22 is vulnerable to Cross Site Scripting (XSS)

Software MJM Clinic Type Plugin Vulnerable versions = 1.1.22 Fixed in 1.1.23 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29096 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3af8c5b59be8 Credits Faizal Abroni Required privilege Editor...

WordPress YITH WooCommerce Product Add-Ons Plugin <= 4.5.0 is vulnerable to Cross Site Scripting (XSS)

Software YITH WooCommerce Product Add-Ons Type Plugin Vulnerable versions = 4.5.0 Fixed in 4.6.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27994 Patch priority Medium CVSS severity Medium 7.1 Developer YITH PSID 8464da6f5a09 Credits Yudistira Arya Required...

WordPress ShopLentor Plugin <= 2.8.1 is vulnerable to Cross Site Scripting (XSS)

Software ShopLentor Type Plugin Vulnerable versions = 2.8.1 Fixed in 2.8.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1960 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 64f9927062c1 Credits Webbernaut Required privilege...

WordPress oik Plugin <= 4.10.0 is vulnerable to Cross Site Scripting (XSS)

Software oik Type Plugin Vulnerable versions = 4.10.0 Fixed in 4.10.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2256 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2c1c9316e65f Credits Francesco Carlucci Required...

WordPress HUSKY Plugin <= 1.3.5.1 is vulnerable to Cross Site Scripting (XSS)

Software HUSKY Type Plugin Vulnerable versions = 1.3.5.1 Fixed in 1.3.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1796 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 938e3d425755 Credits Bassem Essam Required privileg...

WordPress HT Mega Plugin <= 2.4.6 is vulnerable to Directory Traversal

Software HT Mega Type Plugin Vulnerable versions = 2.4.6 Fixed in 2.4.7 OWASP Top 10 A5: Broken Access Control Classification Directory Traversal CVE CVE-2024-1974 Patch priority Low CVSS severity Low 7.7 Developer HTMega PSID 6d7e2f2731f2 Credits Webbernaut Required privilege Contributor Publish...