Archives: Reports
CVE ID:
CVE-2023-4961
WordPress Plugin
poptin
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-14
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4962
WordPress Plugin
video-popup
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-14
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4963
WordPress Plugin
ws-facebook-likebox
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-14
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-6684
WordPress Plugin
ibtana-visual-editor
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-14
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4944
WordPress Plugin
awesome-weather
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-13
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4960
WordPress Plugin
wc-multivendor-marketplace
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-13
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5200
WordPress Plugin
flowpaper-lite-pdf-flipbook
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-12
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4919
WordPress Plugin
iframe
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-12
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4890
WordPress Plugin
jquery-vertical-accordion-menu
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-11
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4889
WordPress Plugin
shareaholic
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-10
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4888
WordPress Plugin
simple-facebook-plugin
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-10
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4887
WordPress Plugin
intergeo-maps
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-09
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4842
WordPress Plugin
social-warfare
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-08
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4841
WordPress Plugin
feeds-for-youtube
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-07
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4840
WordPress Plugin
mappress-google-maps-for-wordpress
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-06
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4945
WordPress Plugin
woocommerce-jetpack
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-05
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5638
WordPress Plugin
woocommerce-jetpack
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-05
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4774
WordPress Plugin
wp-piwik
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-04
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4775
WordPress Plugin
advanced-iframe
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-04
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4773
WordPress Plugin
wordpress-social-login
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-03
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4716
WordPress Plugin
media-library-assistant
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-01
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4718
WordPress Plugin
font-awesome-4-menus
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-09-01
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-5292
WordPress Plugin
acf-extended
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-08-31
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4599
WordPress Plugin
email-encoder-bundle
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-08-27
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.
CVE ID:
CVE-2023-4597
WordPress Plugin
wp-slimstat
Vulnerability Type:
Cross-Site Scripting (XSS)
Date:
2023-08-24
The plugin contains a Cross-Site Scripting (XSS) vulnerability due to the plugin does not sanitize and escape some parameters, which makes it possible for authenticated users with a role as low as contributor to inject arbitrary web scripts into pages.