10 matches found
CVE-2024-9228
The Loggedin – Limit Active Logins plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to inject arbitrary web...
CVE-2024-9607
The 10Web Social Post Feed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.2.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...
CVE-2024-9607
The 10Web Social Post Feed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.2.9. This makes it possible for unauthenticated attackers to inject arbitrary web scripts i...
CVE-2024-9607
The CVE CVE-2024-9607 affects the WordPress plugin 10Web Social Post Feed (versions
PT-2024-39713 · 10Web · 10Web Social Post Feed
Name of the Vulnerable Software and Affected Versions: 10Web Social Post Feed plugin for WordPress versions up to, and including, 1.2.9 Description: The issue arises from the use of add query arg without proper escaping on the URL, leading to Reflected Cross-Site Scripting. This allows...
CVE-2024-8541
The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 2.6.5. Th...
PT-2024-39082 · WordPress · Discount Rules For Woocommerce
Name of the Vulnerable Software and Affected Versions: The Discount Rules for WooCommerce – Create Smart WooCommerce Coupons & Discounts, Bulk Discount, BOGO Coupons plugin for WordPress versions up to, and including, 2.6.5 Description: The issue is related to Reflected Cross-Site Scripting due t...
CVE-2024-8499
The Checkout Field Editor Checkout Manager for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘renderreviewrequestnotice’ function in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possib...
WordPress Checkout Field Editor (Checkout Manager) for WooCommerce plugin <= 2.0.3 - Reflected Cross-Site Scripting via render_review_request_notice vulnerability
Reflected Cross-Site Scripting via renderreviewrequestnotice vulnerability discovered by vgo0 in WordPress Plugin Checkout Field Editor Checkout Manager for WooCommerce versions = 2.0.3...
CVE-2024-9228
The Loggedin – Limit Active Logins plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.3.1. This makes it possible for unauthenticated attackers to inject arbitrary web...