Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2023-25797: WordPress vSlider Multi Image Slider for WordPress plugin <= 4.1.2 - Cross Site Scripting (XSS) - Patchstack

Auth. Stored Cross-Site Scripting (XSS) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <= 4.1.2 versions.

CVE
#xss#vulnerability#web#wordpress#auth
CVE-2023-25792: WordPress WP Open Social plugin <= 5.0 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in XiaoMac WP Open Social plugin <= 5.0 versions.

CVE-2023-25789: WordPress Tapfiliate plugin <= 3.0.12 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tapfiliate plugin <= 3.0.12 versions.

CVE-2023-25787: WordPress WP资源下载管理 plugin <= 1.3.9 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wbolt team WP?????? plugin <= 1.3.9 versions.

CVE-2023-25786: WordPress Eyes Only: User Access Shortcode plugin <= 1.8.2 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Thom Stark Eyes Only: User Access Shortcode plugin <= 1.8.2 versions.

CVE-2023-25784: WordPress Sticky Ad Bar Plugin plugin <= 1.3.1 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bon Plan Gratos Sticky Ad Bar plugin <= 1.3.1 versions.

CVE-2023-25783: WordPress FireCask Like & Share Button plugin <= 1.1.5 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Moss FireCask Like & Share Button plugin <= 1.1.5 versions.

CVE-2023-23790: WordPress Pods – Custom Content Types and Fields plugin <= 2.9.10.2 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Pods Framework Team Pods – Custom Content Types and Fields plugin <= 2.9.10.2 versions.

CVE-2023-22691: WordPress Category Specific RSS feed Subscription plugin <= v2.1 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Tips and Tricks HQ, Ruhul Amin Category Specific RSS feed Subscription plugin <= v2.1 versions.