PT-2024-31648 · Unknown · Spiffy Calendar

Name of the Vulnerable Software and Affected Versions: Spiffy Calendar versions through 4.9.13 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS in the Spiffy Calendar plugin...

WordPress Spiffy Calendar Plugin <= 4.9.13 is vulnerable to Cross Site Scripting (XSS)

Software Spiffy Calendar Type Plugin Vulnerable versions = 4.9.13 Fixed in 4.9.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-45458 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6044522ff419 Credits LVT-tholv2k Required privilege...

WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO plugin < 4.9.14 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO plugin versions 4.9.14. Solution Update the WordPress Product Options and Price Calculation Formulas for WooCommerce – Uni CPO plugin to the latest...