#wordpress

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin <= 4.6.3 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video Player plugin <= 7.5.32.7212 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Crego Manager for Icomoon plugin <= 2.0 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin <= 3.17.1 versions.

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Theme Palace TP Education plugin <= 4.4 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin <= 5.1.3 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Artiss Plugins List plugin <= 2.5 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fahad Mahmood WP Docs plugin <= 1.9.9 versions.

Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin <= 1.0.6 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin <= 1.3.0 versions.