Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in icopydoc Maps for WP allows Stored XSS. This issue affects Maps for WP: from n/a through 1.2.5. More information : https://patchstack.com/database/wordpress/plugin/maps-for-wp/vulnerability/wordpress-maps-for-wp-plugin-1-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in 100plugins Open User Map allows DOM-Based XSS. This issue affects Open User Map: from n/a through 1.4.14. More information : https://patchstack.com/database/wordpress/plugin/open-user-map/vulnerability/wordpress-open-user-map-plugin-1-4-14-cross-site-scripting-xss-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Ays Pro Poll Maker allows DOM-Based XSS. This issue affects Poll Maker: from n/a through 6.0.1. More information : https://patchstack.com/database/wordpress/plugin/poll-maker/vulnerability/wordpress-poll-maker-plugin-6-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve
Missing Authorization vulnerability in oggix Ongkoskirim.id allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Ongkoskirim.id: from n/a through 1.0.6. More information : https://patchstack.com/database/wordpress/plugin/ongkoskirim-id/vulnerability/wordpress-ongkoskirim-id-plugin-1-0-6-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Glen Scott Plugin Security Scanner allows Stored XSS. This issue affects Plugin Security Scanner: from n/a through 2.0.2. More information : https://patchstack.com/database/wordpress/plugin/plugin-security-scanner/vulnerability/wordpress-plugin-security-scanner-plugin-2-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve
Server-Side Request Forgery (SSRF) vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool allows Server Side Request Forgery. This issue affects Skimlinks Affiliate Marketing Tool: from n/a through 1.3. More information : https://patchstack.com/database/wordpress/plugin/skimlinks/vulnerability/wordpress-skimlinks-affiliate-marketing-tool-plugin-1-3-server-side-request-forgery-ssrf-vulnerability?_s_id=cve
Missing Authorization vulnerability in Skimlinks Skimlinks Affiliate Marketing Tool allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Skimlinks Affiliate Marketing Tool: from n/a through 1.3. More information : https://patchstack.com/database/wordpress/plugin/skimlinks/vulnerability/wordpress-skimlinks-affiliate-marketing-tool-plugin-1-3-broken-access-control-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in cedcommerce WP Advanced PDF allows Stored XSS. This issue affects WP Advanced PDF: from n/a through 1.1.7. More information : https://patchstack.com/database/wordpress/plugin/wp-advanced-pdf/vulnerability/wordpress-wp-advanced-pdf-plugin-1-1-7-cross-site-scripting-xss-vulnerability?_s_id=cve
Cross-Site Request Forgery (CSRF) vulnerability in Loc Bui payOS allows Cross Site Request Forgery. This issue affects payOS: from n/a through 1.0.61. More information : https://patchstack.com/database/wordpress/plugin/payos/vulnerability/wordpress-payos-plugin-1-0-61-cross-site-request-forgery-csrf-vulnerability?_s_id=cve
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Ays Pro Photo Gallery by Ays allows DOM-Based XSS. This issue affects Photo Gallery by Ays: from n/a through 6.3.6. More information...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in e-plugins Directory Pro allows DOM-Based XSS. This issue affects Directory Pro: from n/a through 2.5.5. More information : https://patchstack.com/database/wordpress/plugin/directory-pro/vulnerability/wordpress-directory-pro-plugin-2-5-5-cross-site-scripting-xss-vulnerability?_s_id=cve
Missing Authorization vulnerability in Meitar Subresource Integrity (SRI) Manager allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Subresource Integrity (SRI) Manager: from n/a through 0.4.0. More information : https://patchstack.com/database/wordpress/plugin/wp-sri/vulnerability/wordpress-subresource-integrity-sri-manager-plugin-0-4-0-broken-access-control-vulnerability?_s_id=cve
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in etruel WPeMatico RSS Feed Fetcher allows Retrieve Embedded Sensitive Data. This issue affects WPeMatico RSS Feed Fetcher: from n/a through 2.8.10. More...
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in themewant Easy Hotel Booking allows DOM-Based XSS. This issue affects Easy Hotel Booking: from n/a through 1.6.9. More information : https://patchstack.com/database/wordpress/plugin/easy-hotel/vulnerability/wordpress-easy-hotel-booking-plugin-1-6-9-cross-site-scripting-xss-vulnerability?_s_id=cve