11 matches found
CVE-2023-25961
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Catch Themes Darcie theme = 1.1.5 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in wpdevart Contact Form Builder, Contact Widget plugin = 2.1.6 versions...
CVE-2023-30494
Unauth. Reflected Cross-Site Scripting XSS vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin = 3.1.10 versions...
CVE-2023-32108
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Ignazio Scimone Albo Pretorio On line plugin = 4.6.3 versions...
Cross site scripting
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Dream-Theme The7 plugin = 11.6.0 versions...
WordPress Wisem premium theme <= 1.26 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by m0ze in WordPress Wisem premium theme versions = 1.26. Solution 9 June 2021 - Theme removed from the Themeforest repository. Unfortunately, no information about the patched version is available...
WordPress Cooked Pro premium plugin <= 1.7.5.5 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by Jinson Varghese Behanan in WordPress Cooked Pro premium plugin versions = 1.7.5.5. Solution Update the WordPress Cooked Pro premium plugin to the latest available version at least 1.7.5.6...
CarePlus <= 1.2 - Unauthenticated Reflected Cross-Site Scripting (XSS)
An Unauthenticated Reflected XSS vulnerability was discovered in the CarePlus theme through 1.2 for WordPress. https://example.com/?s=%22%20autofocus%20onfocus=alertXSS;%20%22%3E...
WordPress Findgo premium theme <= 1.3.30 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability discovered by m0ze in WordPress Findgo premium theme versions = 1.3.30. Solution Update the WordPress Findgo premium theme to the latest available version at least =1.3.32...
JobMonster < 4.5.2.9 - Unauthenticated Reflected Cross-Site Scripting
In the theme JobMonster there is a XSS vulnerability as the input for the search form is provided through unsanitized GET requests. Note WPScanTeam: It's unclear which exact version fixed the issue, but the lowest we were able to test and confirm remediation was 4.5.2.9...
e-search <= 1.0 - Unauthenticated Reflected Cross-Site Scripting (XSS)
The e-search WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting XSS security vulnerability. PoC http://www.example.com/wp-content/plugins/e-search/tmpl/dateselect.php?date-from=""...