Lucene search

K

Fullworks Security Vulnerabilities

cve
cve

CVE-2023-25713

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25...

7.1CVSS

5.7AI Score

0.0005EPSS

2023-04-07 01:15 PM
19
cve
cve

CVE-2022-46863

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.6.4...

5.9CVSS

4.8AI Score

0.001EPSS

2023-03-28 09:15 AM
20
cve
cve

CVE-2023-25702

Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25...

5.9CVSS

4.8AI Score

0.0005EPSS

2023-04-07 01:15 PM
24
cve
cve

CVE-2023-23979

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4...

7.1CVSS

5.7AI Score

0.001EPSS

2023-04-06 06:15 AM
11
cve
cve

CVE-2023-23885

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Contact Form plugin <= 8.0.3.1...

6.5CVSS

5.2AI Score

0.0005EPSS

2023-04-07 12:15 PM
28
cve
cve

CVE-2023-23974

Cross-Site Request Forgery (CSRF) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 affecting all registration actions (delete, delete all, edit,...

5.4CVSS

5.6AI Score

0.0005EPSS

2023-03-01 01:15 PM
21
cve
cve

CVE-2022-47608

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Contact Form plugin <= 8.0.3.1...

5.9CVSS

4.8AI Score

0.0005EPSS

2023-04-25 05:15 PM
12
cve
cve

CVE-2023-23889

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Paypal Payments plugin <= 5.7.25...

6.5CVSS

5.2AI Score

0.0005EPSS

2023-04-25 08:15 PM
16
cve
cve

CVE-2017-1000226

Stop User Enumeration 1.3.8 allows user enumeration via the REST...

5.3CVSS

5.3AI Score

0.001EPSS

2022-10-03 04:23 PM
183
cve
cve

CVE-2022-37339

Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Meet My Team plugin <= 2.0.5 at...

5.4CVSS

5.2AI Score

0.001EPSS

2022-09-23 02:15 PM
33
2
cve
cve

CVE-2021-24767

The Redirect 404 Error Page to Homepage or Custom Page with Logs WordPress plugin before 1.7.9 does not check for CSRF when deleting logs, which could allow attacker to make a logged in admin delete them via a CSRF...

6.5CVSS

6.3AI Score

0.001EPSS

2021-11-08 06:15 PM
19
cve
cve

CVE-2017-18536

The stop-user-enumeration plugin before 1.3.8 for WordPress has...

6.1CVSS

6.3AI Score

0.001EPSS

2019-08-21 12:15 PM
32