#wordpress

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in nCrafts FormCraft plugin <= 1.2.6 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in RVOLA WP Original Media Path plugin <= 2.4.0 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PropertyHive plugin <= 1.5.48 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Subscribers.Com Subscribers plugin <= 1.5.3 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shopfiles Ltd Ebook Store plugin <= 5.775 versions.

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Webcodin WCP Contact Form plugin <= 3.1.0 versions.

The privilege escalation flaw is one in thousands that researchers have disclosed in recent years.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ApexChat plugin <= 1.3.1 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Justin Saad Simple Tooltips plugin <= 2.1.4 versions.

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodeSolz Easy Ad Manager plugin <= 1.0.0 versions.