5104 matches found
WordPress Themify Shortcodes Plugin < 2.0.8 is vulnerable to Cross Site Scripting (XSS)
Software Themify Shortcodes Type Plugin Vulnerable versions 2.0.8 Fixed in 2.0.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4787 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 25f866583e9e Credits István Márton...
WordPress Show-Hide / Collapse-Expand Plugin <= 1.2.5 is vulnerable to Cross Site Scripting (XSS)
Software Show-Hide / Collapse-Expand Type Plugin Vulnerable versions = 1.2.5 Fixed in 1.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4829 Patch priority Medium CVSS severity Medium 6.4 Developer Claim ownership PSID a608bae568e8 Credits István...
WordPress Show-Hide / Collapse-Expand Plugin <= 1.2.5 is vulnerable to Broken Authentication
Software Show-Hide / Collapse-Expand Type Plugin Vulnerable versions = 1.2.5 Fixed in 1.3.0 OWASP Top 10 A5: Broken Access Control Classification Broken Authentication CVE N/A Patch priority High CVSS severity High 5.4 Developer Claim ownership PSID 11f0fb541e9a Credits N/A Required privilege...
WordPress MediaElement.js – HTML5 Video & Audio Player Plugin <= 4.2.8 is vulnerable to Cross Site Scripting (XSS)
Software MediaElement.js – HTML5 Video & Audio Player Type Plugin Vulnerable versions = 4.2.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4699 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 2aa0c80da566...
WordPress Jeg Elementor Kit Plugin < 2.5.7 is vulnerable to Broken Access Control
Software Jeg Elementor Kit Type Plugin Vulnerable versions 2.5.7 Fixed in 2.5.7 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2022-3805 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID cb8e3a1233cd Credits Ramuel Gall Required privile...
WordPress Survey Maker Plugin <= 3.1.3 is vulnerable to Cross Site Scripting (XSS)
Software Survey Maker Type Plugin Vulnerable versions = 3.1.3 Fixed in 3.1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0038 Patch priority High CVSS severity High 7.2 Developer Claim ownership PSID 288687756ced Credits Chloe Chamberland Require...
WordPress PixCodes Plugin < 2.3.7 is vulnerable to Cross Site Scripting (XSS)
Software PixCodes Type Plugin Vulnerable versions 2.3.7 Fixed in 2.3.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4671 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 83d7d6cc74a4 Credits István Márton Required...
WordPress CPT Bootstrap Carousel Plugin <= 1.12 is vulnerable to Cross Site Scripting (XSS)
Software CPT Bootstrap Carousel Type Plugin Vulnerable versions = 1.12 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4834 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 49016ec732ce Credits István Márton...
WordPress Social Sharing Toolkit Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS)
Software Social Sharing Toolkit Type Plugin Vulnerable versions = 2.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4835 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f4242833e61a Credits István Márton...
WordPress Blockonomics Plugin <= 3.5.7 is vulnerable to Cross Site Scripting (XSS)
Software Blockonomics Type Plugin Vulnerable versions = 3.5.7 Fixed in 3.5.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID a483f702894f Credits N/A Required privilege...
WordPress Booster Elite for WooCommerce Plugin < 6.0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Booster Elite for WooCommerce Type Plugin Vulnerable versions 6.0.1 Fixed in 6.0.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-4017 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e0191ec2ee9f Credits WPscan...
WordPress Bold Timeline Lite Plugin < 1.1.5 is vulnerable to Cross Site Scripting (XSS)
Software Bold Timeline Lite Type Plugin Vulnerable versions 1.1.5 Fixed in 1.1.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4828 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 0317e30acfa3 Credits István Márton...
WordPress PDF Viewer Plugin < 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software PDF Viewer Type Plugin Vulnerable versions 1.0.0 Fixed in 1.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0033 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 6e3ff2a57463 Credits István Márton Required...
WordPress kingclub-theme Theme < 10 is vulnerable to Arbitrary File Upload
Software kingclub-theme Type Theme Vulnerable versions 10 Fixed in N/A OWASP Top 10 A6: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2022-0316 Patch priority High CVSS severity High 10 Developer Claim ownership PSID c582a1ee7025 Credits Joshua Small Required privilege...
WordPress statfort Theme < 10 is vulnerable to Arbitrary File Upload
Software statfort Type Theme Vulnerable versions 10 Fixed in N/A OWASP Top 10 A6: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2022-0316 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 68bfdf44186f Credits Joshua Small Required privilege...
WordPress Top 10 Plugin < 3.2.3 is vulnerable to Cross Site Scripting (XSS)
Software Top 10 Type Plugin Vulnerable versions 3.2.3 Fixed in 3.2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4570 Patch priority Medium CVSS severity Medium 6.3 Developer WebberZone PSID f49ce51b95e1 Credits István Márton Required privilege...
WordPress GS Logo Slider Plugin < 3.3.8 is vulnerable to Cross Site Scripting (XSS)
Software GS Logo Slider Type Plugin Vulnerable versions 3.3.8 Fixed in 3.3.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4624 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID cf767b7a3829 Credits István Márton Require...
WordPress WeStand Theme < 2.1 is vulnerable to Arbitrary File Upload
Software WeStand Type Theme Vulnerable versions 2.1 Fixed in 2.1 OWASP Top 10 A6: Security Misconfiguration Classification Arbitrary File Upload CVE CVE-2022-0316 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 225b04e7a551 Credits Joshua Small Required privilege...
WordPress Passster – Password Protection Plugin < 3.5.5.9 is vulnerable to Broken Access Control
Software Passster – Password Protection Type Plugin Vulnerable versions 3.5.5.9 Fixed in 3.5.5.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-24881 Patch priority Low CVSS severity Low 5.3 Developer Patrick Posner PSID 3b75ba83694c Credits dc11 Required...
WordPress Genesis Columns Advanced Plugin < 2.0.4 is vulnerable to Cross Site Scripting (XSS)
Software Genesis Columns Advanced Type Plugin Vulnerable versions 2.0.4 Fixed in 2.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4706 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID f94799f31fa9 Credits István Márt...