Archives: Reports
CVE ID:
CVE-2023-5658
WordPress Plugin
wp-mapit
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-14
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5577
WordPress Plugin
wp-bitly
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-13
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5565
WordPress Plugin
shortcode-menu
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-12
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5567
WordPress Plugin
qr-code-tag
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-12
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5566
WordPress Plugin
smpl-shortcodes
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-12
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5507
WordPress Plugin
imagemapper
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-10
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5468
WordPress Plugin
slick-contact-forms
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-09
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5469
WordPress Plugin
drop-shadow-boxes
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-09
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5470
WordPress Plugin
etsy-shop
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-09
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5467
WordPress Plugin
geo-my-wp
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-09
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5432
WordPress Plugin
jquery-news-ticker
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-04
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5357
WordPress Plugin
instagram-for-wordpress
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-03
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5413
WordPress Plugin
image-horizontal-reel-scroll-slideshow
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-03
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5362
WordPress Plugin
spice-post-slider
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-03
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5335
WordPress Plugin
buzzsprout-podcasting
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-02
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5337
WordPress Plugin
formforall
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-02
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5338
WordPress Plugin
theme-blvd-shortcodes
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-10-02
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5334
WordPress Plugin
responsive-header-image-slider
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-30
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5295
WordPress Plugin
facebook-comment-by-vivacity
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-29
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5308
WordPress Plugin
podcast-subscribe-buttons
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-29
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5252
WordPress Plugin
fareharbor
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-28
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5291
WordPress Plugin
blog-filter
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-28
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5230
WordPress Plugin
tm-woocommerce-compare-wishlist
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-27
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5232
WordPress Plugin
font-awesome-more-icons
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-27
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5233
WordPress Plugin
font-awesome-integration
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-27
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.