WordPress plugin Royal Addons for Elementor 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

EUVD-2015-9213

Malware in sbrugna...

EUVD-2015-9210

Malware in sbrugna...

EUVD-2015-9202

Malware in sbrugna...

EUVD-2015-9199

Malware in sbrugna...

CVE-2024-10883

The SimpleForm – Contact form made simple plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers t...

CVE-2015-9359

The Jetpack plugin before 3.4.3 for WordPress has XSS via addqueryarg and removequeryarg...

PT-2025-1637 · WordPress · The Clickwhale – Link Manager

Name of the Vulnerable Software and Affected Versions: ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress versions up to, and including, 2.4.1 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add...

WordPress plugin Enable Accessibility 跨站脚本漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Enable Accessibility version 1.4.1 and previous versions of the existence of cross-site...

PT-2024-16916 · WordPress · استخراج محصولات ووکامرس برای آیسی

Name of the Vulnerable Software and Affected Versions: استخراج محصولات ووکامرس برای آیسی plugin for WordPress versions up to, and including, 2.1.3 Description: The issue is related to Reflected Cross-Site Scripting, which occurs due to the use of add query arg and remove query arg without proper...

PT-2024-16602 · WordPress · Wordpress Brute Force Protection – Stop Brute Force Attacks

Name of the Vulnerable Software and Affected Versions: WordPress Brute Force Protection – Stop Brute Force Attacks plugin for WordPress versions up to, and including, 2.2.6 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg and remove query arg...

CVE-2024-9239

The Booster for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 7.2.3. This makes it possible for unauthenticated attackers to inject...

CVE-2024-8726

The MailChimp Forms by MailMunch plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.2.3. This makes it possible for unauthenticated attackers to inject arbitrary web...

WordPress plugin SimpleForm Contact Form Submissions 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin SimpleForm Contact Form...

CVE-2024-9377

The Products, Order & Customers Export for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.0.15. This makes it possible for unauthenticat...

PT-2024-39605 · WordPress · [Product]

Name of the Vulnerable Software and Affected Versions: Products, Order & Customers Export for WooCommerce plugin for WordPress versions up to, and including, 2.0.15 Description: The issue is related to Reflected Cross-Site Scripting, which occurs due to the use of add query arg and remove query a...

PT-2024-39161 · WordPress · Wp Simple Booking Calendar

Name of the Vulnerable Software and Affected Versions: WP Simple Booking Calendar plugin for WordPress versions up to, and including, 2.0.10 Description: The issue is related to Reflected Cross-Site Scripting due to the use of add query arg and remove query arg without appropriate escaping on the...

CVE-2020-35769

Summary: CVE-2020-35769 affects Webmin 1.962 on Windows, via miniserv.pl mishandling special characters in CGI query parameters. This has been linked to remote command execution (in-the-wild vectors reported in multiple advisories) with CVSS 3.1/2.0 vectors indicating high/critical impact. Connec...

Design/Logic Flaw

Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via addqueryarg and removequeryarg...