5 matches found
CVE-2025-58254
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in dtbaker StylePress for Elementor full-site-builder-for-elementor allows Stored XSS.This issue affects StylePress for Elementor: from n/a through = 1.2.1...
WordPress Map Store Locator Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Software Map Store Locator Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51920 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3bad7bf99174 Credits SOPROBRO Required privilege Contributo...
WordPress Change From Email Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Software Change From Email Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38738 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 281e9f01ebf2 Credits Cronus Required privilege Administrato...
WordPress Connected Sermons Plugin <= 1.2.1 is vulnerable to Cross Site Scripting (XSS)
Software Connected Sermons Type Plugin Vulnerable versions = 1.2.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID c3e345f223ee Credits Rafie Muhammad Patchstack Requir...
WordPress Injection Guard Plugin <= 1.2.1 is vulnerable to Broken Access Control
Software Injection Guard Type Plugin Vulnerable versions = 1.2.1 Fixed in 1.2.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-32574 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1c70e6bd7c94 Credits Abdi Pranata Required privile...