Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Themepoints Carousel Ultimate allows Stored XSS. This issue affects Carousel Ultimate: from n/a through 1.8. More information : https://patchstack.com/database/wordpress/plugin/carousel/vulnerability/wordpress-carousel-ultimate-plugin-1-8-cross-site-scripting-xss-vulnerability-2?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in JS Morisset JSM file_get_contents() Shortcode allows Stored XSS. This issue affects JSM file_get_contents() Shortcode: from n/a through 2.7.1. More information : https://patchstack.com/database/wordpress/plugin/wp-file-get-contents/vulnerability/wordpress-jsm-file-get-contents-shortcode-plugin-2-7-1-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Michel – xiligroup dev xili-language allows DOM-Based XSS. This issue affects xili-language: from n/a through 2.21.3. More information : https://patchstack.com/database/wordpress/plugin/xili-language/vulnerability/wordpress-xili-language-plugin-2-21-3-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in AnyClip Video Platform AnyClip Luminous Studio allows Stored XSS. This issue affects AnyClip Luminous Studio: from n/a through 1.3.3. More information :...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Gravitate Gravitate Automated Tester allows Stored XSS. This issue affects Gravitate Automated Tester: from n/a through 1.4.5. More information : https://patchstack.com/database/wordpress/plugin/gravitate-automated-tester/vulnerability/wordpress-gravitate-automated-tester-plugin-1-4-5-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in chtombleson Mobi2Go allows Stored XSS. This issue affects Mobi2Go: from n/a through 1.0.0. More information : https://patchstack.com/database/wordpress/plugin/mobi2go/vulnerability/wordpress-mobi2go-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Will.I.am Simple Restaurant Menu allows Stored XSS. This issue affects Simple Restaurant Menu: from n/a through 1.2. More information : https://patchstack.com/database/wordpress/plugin/simple-restaurant-menu/vulnerability/wordpress-simple-restaurant-menu-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Nicu Micle Simple JWT Login allows Stored XSS. This issue affects Simple JWT Login: from n/a through 3.6.4. More information : https://patchstack.com/database/wordpress/plugin/simple-jwt-login/vulnerability/wordpress-simple-jwt-login-plugin-3-6-4-cross-site-scripting-xss-vulnerability?_s_id=cve
Insertion of Sensitive Information Into Sent Data vulnerability in Syed Balkhi All In One SEO Pack allows Retrieve Embedded Sensitive Data. This issue affects All In One SEO Pack: from n/a through 4.8.7. More...
Missing Authorization vulnerability in Syed Balkhi All In One SEO Pack allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects All In One SEO Pack: from n/a through 4.8.7. More information :...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Fumiki Takahashi Gianism allows Stored XSS. This issue affects Gianism: from n/a through 5.2.2. More information : https://patchstack.com/database/wordpress/plugin/gianism/vulnerability/wordpress-gianism-plugin-5-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in Aftabul Islam Stock Message allows Stored XSS. This issue affects Stock Message: from n/a through 1.1.0. More information : https://patchstack.com/database/wordpress/plugin/stock-message/vulnerability/wordpress-stock-message-plugin-1-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in WPMK WPMK PDF Generator allows Stored XSS. This issue affects WPMK PDF Generator: from n/a through 1.0.1. More information : https://patchstack.com/database/wordpress/plugin/wpmk-pdf-generator/vulnerability/wordpress-wpmk-pdf-generator-plugin-1-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Use of Hard-coded Credentials vulnerability in weDevs WP Project Manager allows Retrieve Embedded Sensitive Data. This issue affects WP Project Manager: from n/a through 2.6.25. More information : https://patchstack.com/database/wordpress/plugin/wedevs-project-manager/vulnerability/wordpress-wp-project-manager-plugin-2-6-25-sensitive-data-exposure-vulnerability?_s_id=cve