3 matches found
WordPress CPO Companion Plugin <= 1.0.4 is vulnerable to Cross Site Scripting (XSS)
Software CPO Companion Type Plugin Vulnerable versions = 1.0.4 Fixed in 1.1.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 4.7 Developer Claim ownership PSID f43e702e3d7e Credits WordfenceTeam Required privilege...
WordPress YouTube Channel Plugin <= 3.0.12.1 is vulnerable to Broken Access Control
Software YouTube Channel Type Plugin Vulnerable versions = 3.0.12.1 Fixed in 3.23.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-0447 Patch priority Medium CVSS severity Medium 4.3 Developer Aleksandar Urošević PSID 5cd4c6177416 Credits WordfenceTeam...
WordPress Embed PDF Plugin <= 1.0.6 is vulnerable to Cross Site Scripting (XSS)
Software Embed PDF Type Plugin Vulnerable versions = 1.0.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID 8a2ac50a92c3 Credits WordfenceTeam Required privilege...