Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-24406: WordPress Simple PopUp plugin <= 1.8.6 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Muneeb ur Rehman Simple PopUp plugin <= 1.8.6 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
CVE-2023-23873: WordPress BBSpoiler plugin <= 2.01 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Flector BBSpoiler plugin <= 2.01 versions.

CVE-2023-30746: WordPress Booqable Rental plugin <= 2.4.15 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Booqable Rental Software Booqable Rental plugin <= 2.4.15 versions.

CVE-2022-32970: WordPress Themify Portfolio Post plugin <= 1.2.4 - Auth. Stored Cross-Site Scripting (XSS) vulnerability - Patchstack

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Themify Themify Portfolio Post plugin <= 1.2.4 versions.

CVE-2023-23812: WordPress Enhanced WP Contact Form plugin <= 2.2.3 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joost de Valk Enhanced WP Contact Form plugin <= 2.2.3 versions.

CVE-2023-23789: WordPress Premmerce Redirect Manager plugin <= 1.0.9 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Premmerce Premmerce Redirect Manager plugin <= 1.0.9 versions.

CVE-2023-23786: WordPress affiliate-toolkit plugin <= 3.3.3 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Christof Servit affiliate-toolkit plugin <= 3.3.3 versions.

CVE-2023-23701: WordPress Easy Sign Up plugin <= 3.4.1 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Andrew @ Geeenville Web Design Easy Sign Up plugin <= 3.4.1 versions.

CVE-2023-24392: WordPress Full Width Banner Slider Wp plugin <= 1.1.7 - Reflected Cross-Site Scripting (XSS) vulnerability - Patchstack

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin <= 1.1.7 versions.

CVE-2023-24418: WordPress Tiny carousel horizontal slider plus plugin <= 3.2 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny carousel horizontal slider plus plugin <= 3.2 versions.