Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2023-24004: WordPress Image and Video Lightbox, Image PopUp plugin <= 2.1.5 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart Image and Video Lightbox, Image PopUp plugin <= 2.1.5 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
CVE-2023-23998: WordPress VikRentCar Car Rental Management System plugin <= 1.3.0 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J s.R.L. VikRentCar Car Rental Management System plugin <= 1.3.0 versions.

CVE-2023-23980: WordPress MailOptin plugin <= 1.2.54.0 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MailOptin Popup Builder Team MailOptin plugin <= 1.2.54.0 versions.

CVE-2023-24001: WordPress Modal Dialog plugin <= 3.5.9 - Cross Site Scripting (XSS) Vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.9 versions.

CVE-2023-23972: WordPress Social Like Box and Page by WpDevArt plugin <= 0.8.39 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smplug-in Social Like Box and Page by WpDevArt plugin <= 0.8.39 versions.

CVE-2023-23971: WordPress WP Time Slots Booking Form plugin <= 1.1.81 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodePeople WP Time Slots Booking Form plugin <= 1.1.81 versions.

CVE-2023-23979: WordPress Quick Event Manager plugin <= 9.7.4 - Cross Site Scripting (XSS) - Patchstack

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 versions.