4 matches found
WordPress Debug Tool Plugin <= 2.2 is vulnerable to Remote Code Execution (RCE)
Software Debug Tool Type Plugin Vulnerable versions = 2.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Remote Code Execution RCE CVE CVE-2024-52416 Patch priority Medium CVSS severity Medium 10 Developer Claim ownership PSID d30460ac8a3a Credits Mika Required privilege Unauthenticated...
WordPress Spice Box Plugin < 2.2 is vulnerable to Cross Site Scripting (XSS)
Software Spice Box Type Plugin Vulnerable versions 2.2 Fixed in 2.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1d9a54925819 Credits Rafie Muhammad Patchstack Required privilege...
WordPress Clock In Portal- Staff & Attendance Management Plugin <= 2.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software Clock In Portal- Staff & Attendance Management Type Plugin Vulnerable versions = 2.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-0763 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 460bee1676e1...
WordPress Userlike – WordPress Live Chat plugin Plugin <= 2.2 is vulnerable to Cross Site Scripting (XSS)
Software Userlike – WordPress Live Chat plugin Type Plugin Vulnerable versions = 2.2 Fixed in 2.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-23734 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID da66e187f0fd Credits yuyud...