4 matches found
WordPress WP e-Commerce Style Email Plugin <= 0.6.2 is vulnerable to Cross Site Scripting (XSS)
Software WP e-Commerce Style Email Type Plugin Vulnerable versions = 0.6.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52462 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 22630f6609c8 Credits SOPROBRO Required...
WordPress WordPress GDPR & CCPA Plugin <= 2.0.2 is vulnerable to Broken Access Control
Software WordPress GDPR & CCPA Type Plugin Vulnerable versions = 2.0.2 Fixed in 2.0.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-11069 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID b71de0a7a1a1 Credits István Márton...
WordPress Weather Atlas Widget Plugin <= 3.0.1 is vulnerable to Cross Site Scripting (XSS)
Software Weather Atlas Widget Type Plugin Vulnerable versions = 3.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-52472 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5504e62dc0b7 Credits LVT-tholv2k Required privileg...
WordPress Geolocator Plugin <= 1.1 is vulnerable to PHP Object Injection
Software Geolocator Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-52443 Patch priority High CVSS severity High 9.8 Developer Claim ownership PSID 70b8a65b2fb3 Credits LVT-tholv2k Required privilege Unauthenticated...