7 matches found
WordPress Easy Accept Payments Plugin <= 4.9.10 is vulnerable to Broken Access Control
Software Easy Accept Payments Type Plugin Vulnerable versions = 4.9.10 Fixed in 5.0 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33591 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID dc8baebcdbf1 Credits Joshua Chan Required...
WordPress Absolutely Glamorous Custom Admin Plugin < 7.2.2 is vulnerable to Cross Site Scripting (XSS)
Software Absolutely Glamorous Custom Admin Type Plugin Vulnerable versions 7.2.2 Fixed in 7.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2907 Patch priority Low CVSS severity Low 5.9 Developer Cusmin PSID c9b7d9956a4d Credits Dikshita Trivedi...
WordPress XStore Core Plugin <= 5.3.8 is vulnerable to Arbitrary File Upload
Software XStore Core Type Plugin Vulnerable versions = 5.3.8 Fixed in 5.3.9 OWASP Top 10 A1: Broken Access Control Classification Arbitrary File Upload CVE CVE-2024-33556 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 108b732f3dae Credits Rafie Muhammad Patchstack...
WordPress WP Portfolio Theme <= 2.4 is vulnerable to Cross Site Scripting (XSS)
Software WP Portfolio Type Theme Vulnerable versions = 2.4 Fixed in 2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33537 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 960b34eee068 Credits stealthcopter Required privilege Contributor...
WordPress Everest News Theme <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)
Software Everest News Type Theme Vulnerable versions = 1.1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-27421 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c15b03e345f4 Credits László Radnai Required...
WordPress Viable blog Theme <= 1.1.4 is vulnerable to Cross Site Scripting (XSS)
Software Viable blog Type Theme Vulnerable versions = 1.1.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-27419 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID bc9810b2a616 Credits László Radnai Required...
WordPress Mocho Blog Theme <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)
Software Mocho Blog Type Theme Vulnerable versions = 1.0.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-27412 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 085597533752 Credits László Radnai Required...