WordPress Social Rocket - Social Sharing Plugin plugin <= 1.3.4.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via id vulnerability

WordPress Social Rocket - Social Sharing Plugin plugin = 1.3.4.2 - Authenticated Subscriber+ Stored Cross-Site Scripting via id vulnerability discovered by Tarcísio Luchesi De Almeida Silva Poystick in WordPress Plugin Social Rocket versions = 1.3.4.2...

CVE-2026-1923 Social Rocket – Social Sharing Plugin <= 1.3.4.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via id

The Social Rocket – Social Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.3.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

PT-2026-34627

The Social Rocket – Social Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.3.4.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVE-2023-40334

Missing Authorization vulnerability in RealMag777 HUSKY woocommerce-products-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HUSKY: from n/a through = 1.3.4.2...

CVE-2023-40010

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in realmag777 HUSKY – Products Filter for WooCommerce Professional.This issue affects HUSKY – Products Filter for WooCommerce Professional: from n/a through 1.3.4.2...

CVE-2023-40334

Missing Authorization vulnerability in realmag777 HUSKY allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HUSKY: from n/a through 1.3.4.2...

CVE-2023-40334 WordPress HUSKY plugin <= 1.3.4.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in RealMag777 HUSKY woocommerce-products-filter allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HUSKY: from n/a through = 1.3.4.2...

CVE-2024-32593

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.3.4.2...

PT-2024-24715 · WordPress · Wpbits Addons For Elementor Page Builder

Name of the Vulnerable Software and Affected Versions: WPBITS Addons For Elementor Page Builder versions 1.3.4.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means th...

WordPress WPBITS Addons For Elementor Page Builder plugin <= 1.3.4.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Khalid Patchstack Alliance in WordPress Plugin WPBITS Addons For Elementor Page Builder versions = 1.3.4.2...

CVE-2024-2129

The WPBITS Addons For Elementor Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's heading widget in all versions up to, and including, 1.3.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possib...

CVE-2023-40010

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in realmag777 HUSKY – Products Filter for WooCommerce Professional.This issue affects HUSKY – Products Filter for WooCommerce Professional: from n/a through 1.3.4.2...