49 matches found
WordPress Resim Ara plugin <= 1.0 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Ricardo Sanchez in WordPress Resim Ara plugin versions = 1.0. Solution This plugin has been closed as of January 17, 2020 and is not available for download. Reason: Security Issue...
WordPress Resim ara 1.0 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Resim ara 1.0 Resim ara is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
WordPress Human Presence plugin <= 2.0.8 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability found by Ricardo Sanchez in WordPress Human Presence plugin versions = 2.0.8. Solution 11 September 2019 - we were unable to find a patched version of this plugin...
WordPress Qwizcards plugin <= 3.36 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability found by Ricardo Sanchez in WordPress Qwizcards plugin versions = 3.36. Solution 10 September 2019 - we were unable to find a patched version of this plugin...
WordPress API Bearer Auth plugin <= 20181229 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability found by Ricardo Sanchez in WordPress API Bearer Auth plugin versions = 20181229. Solution 06 Sep 2019 - we were unable to find a patched version of this plugin. Deactivate and uninstall...
WordPress ECPay Logistics for WooCommerce plugin <= 1.2.181030 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability found by Ricardo Sanchez in WordPress ECPay Logistics for WooCommerce plugin versions = 1.2.181030. Solution 06 Sep 2019 - we were unable to find a patched version of this plugin. Deactivate and uninstall...
WordPress Spryng Payments WooCommerce 1.6.7 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications WordPress Spryng Payments WooCommerce 1.6.7 Cross Site Scripting Vulnerability Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Spryng payments woocommerce 1.6.7 Spryng payments woocommerce is prone to a reflected...
WordPress API Bearer Auth 20181229 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications WordPress API Bearer Auth 20181229 Cross Site Scripting Vulnerability Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Api bearer auth 20181229 Api bearer auth is prone to a reflected cross-site scripting vulnerability...
WordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications WordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site Scripting Vulnerability Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Portrait-Archiv.com Photostore 5.0.4 Portrait-Archiv.com is prone to a reflected...
WordPress Spryng Payments for WooCommerce plugin <= 1.6.7 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability found by Ricardo Sanchez in WordPress Spryng Payments for WooCommerce plugin versions = 1.6.7. Solution 8 Sep 2019 - we were unable to find a patched version of this plugin...
WordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Portrait-Archiv.com Photostore 5.0.4 Portrait-Archiv.com is prone to a reflected cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execut...
WordPress Propertyhive 1.4.14 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Propertyhive 1.4.14 Propertyhive is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in...
WordPress MQ ReLinks 1.8 XSS / Open Redirection
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable MQ ReLinks 1.8 MQ ReLinks is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
WordPress Itinerary 1.0.0 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Credit Ricardo Sanchez Vulnerable Itinerary 1.0.0 Itinerary is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script...
WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS Vulnerability
WordPress Yakadanda Google+ Hangout Events plugin version 0.3.7 suffers from a cross site scripting vulnerability. Credit Ricardo Sanchez Vulnerable Yakadanda Google+ Hangout Events 0.3.7 Yakadanda Google+ Hangout Events is prone to a stored cross-site scripting vulnerability because it fails to...
WordPress Itinerary 1.0.0 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Itinerary 1.0.0 Itinerary is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
WordPress WebConnex Form Management 1.6.3 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable WebConnex Form Management 1.6.3 WebConnex Form Management is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute...
WordPress Yakadanda Google+ Hangout Events 0.3.7 XSS
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Yakadanda Google+ Hangout Events 0.3.7 Yakadanda Google+ Hangout Events is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this iss...
WordPress Placemarks 2.0.0 Cross Site Scripting
Class Input Validation Error Remote Yes Credit Ricardo Sanchez Vulnerable Placemarks 2.0.0 Placemarks is prone to a stored cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...
WordPress Sagepay Server Gateway For WooCommerce 1.0.7 XSS Vulnerability
WordPress Sagepay Server Gateway For WooCommerce plugin version 1.0.7 suffers from a persistent cross site scripting vulnerability. Credit Ricardo Sanchez Vulnerable SagePay Server Gateway for WooCommerce 1.0.7 SagePay Server Gateway for WooCommerce is prone to a stored cross-site scripting...