Archives: Reports

WordPress Plugin

wp-mapit

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

wp-bitly

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-13

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

shortcode-menu

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-12

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

qr-code-tag

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-12

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

smpl-shortcodes

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-12

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

imagemapper

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-10

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

slick-contact-forms

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-09

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

drop-shadow-boxes

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-09

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

etsy-shop

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-09

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

geo-my-wp

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-09

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

jquery-news-ticker

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-04

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

instagram-for-wordpress

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-03

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

image-horizontal-reel-scroll-slideshow

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-03

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

spice-post-slider

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-03

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

buzzsprout-podcasting

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-02

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

formforall

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-02

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

theme-blvd-shortcodes

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-10-02

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

responsive-header-image-slider

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-30

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

facebook-comment-by-vivacity

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-29

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

podcast-subscribe-buttons

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-29

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

fareharbor

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-28

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

blog-filter

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-28

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

tm-woocommerce-compare-wishlist

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-27

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

font-awesome-more-icons

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-27

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

font-awesome-integration

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-27

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.