WordPress WPPizza Plugin <= 3.18.13 is vulnerable to Cross Site Scripting (XSS)

Software WPPizza Type Plugin Vulnerable versions = 3.18.13 Fixed in 3.18.14 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-35766 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 5804edc2828f Credits Dimas Maulana Required privilege...

WordPress WPPizza Plugin <= 3.18.10 is vulnerable to Broken Access Control

Software WPPizza Type Plugin Vulnerable versions = 3.18.10 Fixed in 3.18.11 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33576 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID d7917e7b15a2 Credits Majed Refaea Required...

WordPress WPPizza Plugin <= 3.17.1 is vulnerable to Cross Site Scripting (XSS)

Software WPPizza Type Plugin Vulnerable versions = 3.17.1 Fixed in 3.17.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32105 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 82b4feb29bbf Credits Le Ngoc Anh Required...