WordPress Save as PDF plugin by Pdfcrowd Plugin <= 4.2.1 is vulnerable to Cross Site Scripting (XSS)

Software Save as PDF plugin by Pdfcrowd Type Plugin Vulnerable versions = 4.2.1 Fixed in 4.2.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10891 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bc2c8b0bae5b Credits Peter...

WordPress pretix widget Plugin <= 1.0.5 is vulnerable to Local File Inclusion

Software pretix widget Type Plugin Vulnerable versions = 1.0.5 Fixed in 1.0.6 OWASP Top 10 A4: Insecure Design Classification Local File Inclusion CVE CVE-2024-9575 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 3a2933f81cf6 Credits João Pedro S Alcântara Kinorth Required...

WordPress Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Plugin <= 1.27 is vulnerable to Cross Site Scripting (XSS)

Software Accordion & FAQ – Helpie WordPress Accordion FAQ Plugin Type Plugin Vulnerable versions = 1.27 Fixed in 1.28 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47647 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID aac881dee8e9 Credits...

WordPress WP Portfolio Theme <= 2.4 is vulnerable to Cross Site Scripting (XSS)

Software WP Portfolio Type Theme Vulnerable versions = 2.4 Fixed in 2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33537 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 960b34eee068 Credits stealthcopter Required privilege Contributor...

WordPress Responsive Image Gallery, Gallery Album Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Image Gallery, Gallery Album Type Plugin Vulnerable versions = 2.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31120 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 982538f631cc Credits LVT-tholv2k...

WordPress Simple Ajax Chat Plugin <= 20231101 is vulnerable to Cross Site Scripting (XSS)

Software Simple Ajax Chat Type Plugin Vulnerable versions = 20231101 Fixed in 20240216 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2956 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 1403f71c8e2b Credits Fourcade Required...

WordPress Permalink Manager Lite Plugin <= 2.4.3.1 is vulnerable to Broken Access Control

Software Permalink Manager Lite Type Plugin Vulnerable versions = 2.4.3.1 Fixed in 2.4.3.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-2543 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 01746b8cad8b Credits Muhammad Zeeshan...

WordPress reCAPTCHA for all Plugin <= 1.22 is vulnerable to Broken Access Control

Software reCAPTCHA for all Type Plugin Vulnerable versions = 1.22 Fixed in 1.23 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-32599 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 97d938ca1868 Credits Jonas Höbenreich Required...

WordPress Blog Navigator Chatbot by Xatkit Plugin <= 4.4.9 is vulnerable to Cross Site Scripting (XSS)

Software Blog Navigator Chatbot by Xatkit Type Plugin Vulnerable versions = 4.4.9 Fixed in 4.5.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1649 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 73a888678fc8 Credits Erwan L...

WordPress Solidres – Hotel booking plugin Plugin <= 0.9.4 is vulnerable to Cross Site Scripting (XSS)

Software Solidres – Hotel booking plugin Type Plugin Vulnerable versions = 0.9.4 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1374 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2295c3bbe77d Credits Daniel...