Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2023-23722: WordPress WP eBay Product Feeds plugin <= 3.3.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winwar Media WP eBay Product Feeds plugin <= 3.3.1 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
CVE-2023-23728: WordPress WP Flipclock plugin <= 1.7.4 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Winwar Media WP Flipclock plugin <= 1.7.4 versions.

CVE-2022-47589: WordPress CTT Expresso para WooCommerce plugin <= 3.2.11 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in this.Functional CTT Expresso para WooCommerce plugin <= 3.2.11 versions.

CVE-2023-22702: WordPress WPMobile.App — Android and iOS Mobile Application plugin <= 11.13 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in WPMobile.App WPMobile.App — Android and iOS Mobile Application plugin <= 11.13 versions.

WordPress Watu Quiz 3.3.9 / GN Publisher 1.5.5 / Japanized For WooComerce 2.5.4 XSS

WordPress plugins Watu Quiz versions 3.3.9 and below, GN Publisher versions 1.5.5 and below, and Japanized For WooCommerce versions 2.5.4 and below suffer from cross site scripting vulnerabilities.

CVE-2023-23864: WordPress Very Simple Google Maps plugin <= 2.8.4 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Michael Aronoff Very Simple Google Maps plugin <= 2.8.4 versions.

CVE-2023-22716: WordPress OOPSpam Anti-Spam plugin <= 1.1.35 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Cross-Site Scripting vulnerability in OOPSpam OOPSpam Anti-Spam plugin <= 1.1.35 versions.

CVE-2023-22715: WordPress WP-CommentNavi plugin <= 1.12.1 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Lester 'GaMerZ' Chan WP-CommentNavi plugin <= 1.12.1 versions.

CVE-2023-23650: WordPress MainWP Code Snippets Extension Plugin <= 4.0.2 - Subscriber+ Stored Cross-Site Scripting Vulnerability - Patchstack

Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in MainWP MainWP Code Snippets Extension plugin <= 4.0.2 versions.

CVE-2023-22712: WordPress TemplatesNext ToolKit plugin <= 3.2.7 - Cross Site Scripting (XSS) - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TemplatesNext TemplatesNext ToolKit plugin <= 3.2.7 versions.