CVE-2026-32528 WordPress Riode | Multi-Purpose WooCommerce theme < 1.6.29 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in don-themes Riode riode allows Reflected XSS.This issue affects Riode: from n/a through 1.6.29...

WordPress ReviewX Plugin <= 1.6.28 is vulnerable to Broken Access Control

Software ReviewX Type Plugin Vulnerable versions = 1.6.28 Fixed in 1.6.29 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43323 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID aac7e9823c91 Credits Manab Jyoti Dowarah Required...

CVE-2022-4392

The iPanorama 360 WordPress Virtual Tour Builder plugin through 1.6.29 does not sanitise and escape some of its settings, which could allow users such as contributor+ to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

WordPress Plugin iPanorama 360 WordPress Virtual Tour Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...