Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Hamid Reza Yazdani E-namad & Shamed Logo Manager allows Stored XSS. This issue affects E-namad & Shamed Logo Manager: from n/a through...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in wpkoithemes WPKoi Templates for Elementor allows DOM-Based XSS. This issue affects WPKoi Templates for Elementor: from n/a through 3.4.1. More information :...
Missing Authorization vulnerability in ThimPress WP Events Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Events Manager: from n/a through 2.2.1. More information : https://patchstack.com/database/wordpress/plugin/wp-events-manager/vulnerability/wordpress-wp-events-manager-plugin-2-2-1-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Uncanny Owl Uncanny Toolkit for LearnDash allows Stored XSS. This issue affects Uncanny Toolkit for LearnDash: from n/a through 3.0.7.3. More information...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Brajesh Singh WordPress Widgets Shortcode allows Stored XSS. This issue affects WordPress Widgets Shortcode: from n/a through 1.0.3. More information : https://patchstack.com/database/wordpress/plugin/wp-widgets-shortcode/vulnerability/wordpress-wordpress-widgets-shortcode-plugin-1-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve
Missing Authorization vulnerability in solwininfotech Blog Designer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Blog Designer: from n/a through 3.1.8. More information : https://patchstack.com/database/wordpress/plugin/blog-designer/vulnerability/wordpress-blog-designer-plugin-3-1-8-broken-access-control-vulnerability?_s_id=cve
Missing Authorization vulnerability in Clariti Clariti allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Clariti: from n/a through 1.2.1. More information : https://patchstack.com/database/wordpress/plugin/clariti/vulnerability/wordpress-clariti-plugin-1-2-1-broken-access-control-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in InterServer Mail Baby SMTP allows Cross Site Request Forgery. This issue affects Mail Baby SMTP: from n/a through 2.8. More information : https://patchstack.com/database/wordpress/plugin/mail-baby-smtp/vulnerability/wordpress-mail-baby-smtp-plugin-2-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Benjamin Pick Geolocation IP Detection allows Stored XSS. This issue affects Geolocation IP Detection: from n/a through 5.5.0. More information : https://patchstack.com/database/wordpress/plugin/geoip-detect/vulnerability/wordpress-geolocation-ip-detection-plugin-5-5-0-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in husani WP Subtitle allows Stored XSS. This issue affects WP Subtitle: from n/a through 3.4.1. More information : https://patchstack.com/database/wordpress/plugin/wp-subtitle/vulnerability/wordpress-wp-subtitle-plugin-3-4-1-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Tomas Cordero Safety Exit allows Stored XSS. This issue affects Safety Exit: from n/a through 1.8.0. More information : https://patchstack.com/database/wordpress/plugin/safety-exit/vulnerability/wordpress-safety-exit-plugin-1-8-0-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in catchsquare WP Social Widget allows Stored XSS. This issue affects WP Social Widget: from n/a through 2.3.1. More information : https://patchstack.com/database/wordpress/plugin/wp-social-widget/vulnerability/wordpress-wp-social-widget-plugin-2-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in WPBean Advance Portfolio Grid allows Stored XSS. This issue affects Advance Portfolio Grid: from n/a through 1.07.6. More information : https://patchstack.com/database/wordpress/plugin/advance-portfolio-grid/vulnerability/wordpress-advance-portfolio-grid-plugin-1-07-6-cross-site-scripting-xss-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in Damian BP Disable Activation Reloaded allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects BP Disable Activation Reloaded: from n/a through 1.2.1. More information : https://patchstack.com/database/wordpress/plugin/bp-disable-activation-reloaded/vulnerability/wordpress-bp-disable-activation-reloaded-plugin-1-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve