Source
CVE
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.De wpShopGermany – Protected Shops plugin <= 2.0 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SAASPROJECT Booking Package Booking Package plugin <= 1.6.01 versions.
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.9.3 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP-EXPERTS.IN TEAM WP Categories Widget plugin <= 2.2 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Blindside Networks BigBlueButton plugin <= 3.0.0-beta.4 versions.
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ???(std.Cloud) WxSync plugin <= 2.7.23 versions.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/download/updateFile endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.3.2 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin <= 3.1.10 versions.