Security
Headlines
HeadlinesLatestCVEs

Tag

#wordpress

CVE-2023-22678: WordPress Superior FAQ plugin <= 1.0.2 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Rafael Dery Superior FAQ plugin <= 1.0.2 versions.

CVE
Open in Source
#csrf#vulnerability#wordpress#auth
CVE-2023-23718: WordPress Page Loading Effects plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability - Patchstack

Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Esstat17 Page Loading Effects plugin <= 2.0.0 versions.

CVE-2023-25795: WordPress Feed Changer plugin <= 0.2 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in WP-master.Ir Feed Changer & Remover plugin <= 0.2 versions.

CVE-2023-25064: WordPress WP htpasswd plugin <= 1.7 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Matteo Candura WP htpasswd plugin <= 1.7 versions.

CVE-2023-25794: WordPress Nooz plugin <= 1.6.0 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Mighty Digital Nooz plugin <= 1.6.0 versions.

CVE-2023-24381: WordPress Advanced Social Pixel plugin <= 2.1.1 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in NsThemes Advanced Social Pixel plugin <= 2.1.1 versions.

CVE-2023-22681: WordPress Online Exam Software : eExamhall plugin <= 4.0 - Cross Site Request Forgery (CSRF) - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Aarvanshinfotech Online Exam Software: eExamhall plugin <= 4.0 versions.