Security
Headlines
HeadlinesLatestCVEs

Tag

#web

CVE-2023-45637: WordPress EventPrime plugin <= 3.1.5 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in EventPrime EventPrime – Events Calendar, Bookings and Tickets plugin <= 3.1.5 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
CVE-2023-45747: WordPress WP Lightbox 2 plugin <= 3.0.6.5 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Syed Balkhi WP Lightbox 2 plugin <= 3.0.6.5 versions.

CVE-2023-45764: WordPress Scroll post excerpt plugin <= 8.0 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Scroll post excerpt plugin <= 8.0 versions.

CVE-2023-45767: WordPress Simple Tweet plugin <= 1.4.0.2 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wokamoto Simple Tweet plugin <= 1.4.0.2 versions.

CVE-2023-45761: WordPress Sendle Shipping plugin <= 5.14 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Joovii Sendle Shipping Plugin plugin <= 5.13 versions.

CVE-2023-45758: WordPress Amministrazione Trasparente plugin <= 8.0.2 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi Amministrazione Trasparente plugin <= 8.0.2 versions.

CVE-2023-45772: WordPress Proofreading plugin <= 1.0.11 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Scribit Proofreading plugin <= 1.0.11 versions.

CVE-2023-45770: WordPress Fast WP Speed plugin <= 1.0.0 - Reflected Cross-Site Scripting vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fastwpspeed Fast WP Speed plugin <= 1.0.0 versions.

CVE-2023-45829: WordPress Newsletter & Bulk Email Sender plugin <= 2.0.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in HappyBox Newsletter & Bulk Email Sender – Email Newsletter Plugin for WordPress plugin <= 2.0.1 versions.

CVE-2023-45769: WordPress WP Report Post plugin <= 2.1.2 - Reflected Cross Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alex Raven WP Report Post plugin <= 2.1.2 versions.