5 matches found
WordPress Windsor Strava Athlete Plugin <= 1.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Windsor Strava Athlete Type Plugin Vulnerable versions = 1.3.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f40641265386 Credits Rafie Muhammad Patchstack...
WordPress Windsor Strava Club Plugin <= 1.0.14 is vulnerable to Cross Site Scripting (XSS)
Software Windsor Strava Club Type Plugin Vulnerable versions = 1.0.14 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2effed58e825 Credits Rafie Muhammad Patchstack...
WordPress Windsor Strava Athlete plugin <= 1.3.6 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Windsor Strava Athlete plugin versions = 1.3.6. Solution No patched version available...
WordPress Windsor Strava Club plugin <= 1.0.14 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Windsor Strava Club plugin versions = 1.0.14. Solution No patched version available...
WordPress Windsor Strava Club plugin <= 1.0.14 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Windsor Strava Club plugin versions = 1.0.14. Solution No patched version available...