WordPress Materialis Companion Plugin < 1.3.40 is vulnerable to Cross Site Scripting (XSS)

Software Materialis Companion Type Plugin Vulnerable versions 1.3.40 Fixed in 1.3.40 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4762 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 80cd16937fbb Credits Lana Codes...

WordPress Map Multi Marker Plugin <= 3.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Map Multi Marker Type Plugin Vulnerable versions = 3.2.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47591 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0fa0897cb0de Credits minhtuanact Requir...

WordPress Leaflet Maps Marker Plugin < 3.12.7 is vulnerable to Cross Site Scripting (XSS)

Software Leaflet Maps Marker Type Plugin Vulnerable versions 3.12.7 Fixed in 3.12.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4677 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 99a82b35c26d Credits Lana Codes...

WordPress jQuery T(-) Countdown Widget Plugin < 2.3.24 is vulnerable to Cross Site Scripting (XSS)

Software jQuery T- Countdown Widget Type Plugin Vulnerable versions 2.3.24 Fixed in 2.3.24 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0171 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 6d69c46b235b Credits Lana...

WordPress Annual Archive Plugin < 1.6.0 is vulnerable to Cross Site Scripting (XSS)

Software Annual Archive Type Plugin Vulnerable versions 1.6.0 Fixed in 1.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0178 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e447b05c3b01 Credits Lana Codes Required...

WordPress WP Blog and Widget Plugin < 2.3.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Blog and Widget Type Plugin Vulnerable versions 2.3.1 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4824 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID db9b8648db51 Credits Lana Codes Requir...

WordPress YouTube Channel Plugin < 3.23.0 is vulnerable to Cross Site Scripting (XSS)

Software YouTube Channel Type Plugin Vulnerable versions 3.23.0 Fixed in 3.23.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4756 Patch priority Medium CVSS severity Medium 6.3 Developer Aleksandar Urošević PSID 3866f6e0ecf5 Credits Lana Codes...

WordPress GamiPress – Vimeo integration Plugin < 1.0.9 is vulnerable to Cross Site Scripting (XSS)

Software GamiPress – Vimeo integration Type Plugin Vulnerable versions 1.0.9 Fixed in 1.0.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0154 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID eece071753de Credits Lana...

WordPress Ibtana Plugin < 1.1.8.8 is vulnerable to Cross Site Scripting (XSS)

Software Ibtana Type Plugin Vulnerable versions 1.1.8.8 Fixed in 1.1.8.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4674 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID e564cfbd3326 Credits Lana Codes Required...

WordPress EAN for WooCommerce Plugin < 4.4.3 is vulnerable to Cross Site Scripting (XSS)

Software EAN for WooCommerce Type Plugin Vulnerable versions 4.4.3 Fixed in 4.4.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0062 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID efcc1edc10be Credits Lana Codes...

WordPress Breadcrumb Plugin < 1.5.33 is vulnerable to Cross Site Scripting (XSS)

Software Breadcrumb Type Plugin Vulnerable versions 1.5.33 Fixed in 1.5.33 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4836 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 68e0f577b655 Credits Lana Codes Required...

WordPress Hide My WP Plugin < 6.2.9 is vulnerable to SQL Injection

Software Hide My WP Type Plugin Vulnerable versions 6.2.9 Fixed in 6.2.9 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2022-4681 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID ad94e6b8ba54 Credits Xenofon Vassilakopoulos Required privilege...

WordPress WC Vendors Marketplace Plugin < 2.4.5 is vulnerable to Cross Site Scripting (XSS)

Software WC Vendors Marketplace Type Plugin Vulnerable versions 2.4.5 Fixed in 2.4.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0072 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID c2abc726ee8e Credits Lana Codes...

WordPress Send PDF for Contact Form 7 Plugin < 0.9.9.2 is vulnerable to Cross Site Scripting (XSS)

Software Send PDF for Contact Form 7 Type Plugin Vulnerable versions 0.9.9.2 Fixed in 0.9.9.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0143 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 570b9726f6b6 Credits Istv...

WordPress YourChannel: Everything you want in a YouTube Plugin < 1.2.3 is vulnerable to Cross Site Scripting (XSS)

Software YourChannel: Everything you want in a YouTube Type Plugin Vulnerable versions 1.2.3 Fixed in 1.2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4833 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 5ed747ddf3e...

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Broken Access Control

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-4700 Patch priority Medium CVSS severity Medium 5.4 Developer WProyal PSID 423004fa0a2f Credits Ramuel Gall Required...

WordPress Royal Elementor Addons Plugin <= 1.3.59 is vulnerable to Cross Site Scripting (XSS)

Software Royal Elementor Addons Type Plugin Vulnerable versions = 1.3.59 Fixed in 1.3.60 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4710 Patch priority High CVSS severity High 6.1 Developer WProyal PSID 88dfeeb21d4c Credits Ramuel Gall Required...

WordPress PPWP – WordPress Password Protect Page Plugin < 1.8.6 is vulnerable to Cross Site Scripting (XSS)

Software PPWP – WordPress Password Protect Page Type Plugin Vulnerable versions 1.8.6 Fixed in 1.8.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4626 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID c899b093125c Credi...

WordPress Easy Testimonials Plugin < 3.9.3 is vulnerable to Cross Site Scripting (XSS)

Software Easy Testimonials Type Plugin Vulnerable versions 3.9.3 Fixed in 3.9.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4577 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 9b43bd7a7324 Credits Lana Codes Require...

WordPress WP-ShowHide Plugin < 1.05 is vulnerable to Cross Site Scripting (XSS)

Software WP-ShowHide Type Plugin Vulnerable versions 1.05 Fixed in 1.05 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4825 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 5336dccd451c Credits Lana Codes Required...