3 matches found
WordPress TK Event Weather Plugin <= 1.6.6 is vulnerable to Cross Site Scripting (XSS)
Software TK Event Weather Type Plugin Vulnerable versions = 1.6.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID e823c2c9f8bf Credits Rafie Muhammad Patchstack Require...
WordPress TK Event Weather plugin <= 1.6.6 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress TK Event Weather plugin versions = 1.6.6. Solution No patched version available...
WordPress TK Event Weather plugin <= 1.6.6 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress TK Event Weather plugin versions = 1.6.6. Solution No patched version available...