Archives: Reports

WordPress Plugin

poptin

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

video-popup

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

ws-facebook-likebox

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

ibtana-visual-editor

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-14

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

awesome-weather

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-13

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

wc-multivendor-marketplace

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-13

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

flowpaper-lite-pdf-flipbook

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-12

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

iframe

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-12

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

jquery-vertical-accordion-menu

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-11

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

shareaholic

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-10

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

simple-facebook-plugin

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-10

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

intergeo-maps

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-09

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

social-warfare

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-08

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

feeds-for-youtube

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-07

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

mappress-google-maps-for-wordpress

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-06

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

woocommerce-jetpack

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-05

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

woocommerce-jetpack

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-05

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

wp-piwik

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-04

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

advanced-iframe

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-04

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

wordpress-social-login

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-03

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

media-library-assistant

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-01

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

font-awesome-4-menus

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-09-01

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

acf-extended

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-08-31

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

email-encoder-bundle

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-08-27

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.

WordPress Plugin

wp-slimstat

Vulnerability Type:

Cross-Site Scripting (XSS)

Date:

2023-08-24

The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.