Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-24411: WordPress BNE Testimonials plugin <= 2.0.7 - Cross Site Scripting (XSS) - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kerry Kline BNE Testimonials plugin <= 2.0.7 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
CVE-2023-24004: WordPress Image and Video Lightbox, Image PopUp plugin <= 2.1.5 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart Image and Video Lightbox, Image PopUp plugin <= 2.1.5 versions.

CVE-2023-24003: WordPress WP Popups – WordPress Popup builder plugin <= 2.1.4.8 - Cross Site Scripting (XSS) - Patchstack

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Timersys WP Popups – WordPress Popup plugin <= 2.1.4.8 versions.

CVE-2023-24002: WordPress YouTube Embed, Playlist and Popup by WpDevArt plugin <= 2.6.3 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart YouTube Embed, Playlist and Popup by WpDevArt plugin <= 2.6.3 versions.

CVE-2023-23998: WordPress VikRentCar Car Rental Management System plugin <= 1.3.0 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J s.R.L. VikRentCar Car Rental Management System plugin <= 1.3.0 versions.

CVE-2023-23980: WordPress MailOptin plugin <= 1.2.54.0 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MailOptin Popup Builder Team MailOptin plugin <= 1.2.54.0 versions.

CVE-2023-24001: WordPress Modal Dialog plugin <= 3.5.9 - Cross Site Scripting (XSS) Vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.9 versions.