Archives: Reports
CVE ID:
CVE-2024-3811
WordPress Plugin
salient-shortcodes
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2024-04-15
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5742
WordPress Plugin
easyrotator-for-wordpress
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-23
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5744
WordPress Plugin
very-simple-google-maps
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-23
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5741
WordPress Plugin
powr-pack
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-23
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5740
WordPress Plugin
wp-facebook-messenger
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-23
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5743
WordPress Plugin
telephone-number-linker
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-23
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5708
WordPress Plugin
wp-post-columns
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-21
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5707
WordPress Plugin
seo-slider
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-21
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5704
WordPress Plugin
cpo-shortcodes
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-20
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5705
WordPress Plugin
vk-filter-search
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-20
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5706
WordPress Plugin
vk-blocks
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-20
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5703
WordPress Plugin
gift-up
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-20
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5669
WordPress Plugin
featured-image-caption
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-19
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5667
WordPress Plugin
tabs-pro
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-18
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5666
WordPress Plugin
accordions-wp
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-18
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5668
WordPress Plugin
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-18
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5615
WordPress Plugin
skype-online-status
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-17
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5665
WordPress Plugin
payment-forms-for-paystack
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-17
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5639
WordPress Plugin
team-showcase
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-17
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5662
WordPress Plugin
wp-sponsors
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-16
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5664
WordPress Plugin
garden-gnome-package
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-16
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5660
WordPress Plugin
sendpress
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-14
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5659
WordPress Plugin
interact-quiz-embed
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-14
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5613
WordPress Plugin
super-testimonial
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-14
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5614
WordPress Plugin
theme-switcha
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-14
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.