Tag
#xss
Microweber CMS prior to version 2.0.3 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in sahumedia SAHU TikTok Pixel for E-Commerce plugin <= 1.2.2 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GARY JEZORSKI CloudNet360 plugin <= 3.2.0 versions.
Microweber CMS version 2.0.1 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FLOWFACT WP Connector plugin <= 2.1.7 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Enej Bajgoric / Gagan Sandhu / CTLT DEV User Avatar plugin <= 1.4.11 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ashish Ajani WordPress Simple HTML Sitemap plugin <= 2.1 versions.
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in D. Relton Medialist plugin <= 1.3.9 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kathy Darling Simple User Listing plugin <= 1.9.2 versions.
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jens Kuerschner Add to Calendar Button plugin <= 1.5.1 versions.