Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-24002: WordPress YouTube Embed, Playlist and Popup by WpDevArt plugin <= 2.6.3 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart YouTube Embed, Playlist and Popup by WpDevArt plugin <= 2.6.3 versions.

CVE
Open in Source
#xss#vulnerability#web#wordpress#auth
CVE-2023-23998: WordPress VikRentCar Car Rental Management System plugin <= 1.3.0 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in E4J s.R.L. VikRentCar Car Rental Management System plugin <= 1.3.0 versions.

CVE-2023-23980: WordPress MailOptin plugin <= 1.2.54.0 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MailOptin Popup Builder Team MailOptin plugin <= 1.2.54.0 versions.

CVE-2023-24001: WordPress Modal Dialog plugin <= 3.5.9 - Cross Site Scripting (XSS) Vulnerability - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.9 versions.

CVE-2023-23979: WordPress Quick Event Manager plugin <= 9.7.4 - Cross Site Scripting (XSS) - Patchstack

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 versions.

CVE-2023-23972: WordPress Social Like Box and Page by WpDevArt plugin <= 0.8.39 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smplug-in Social Like Box and Page by WpDevArt plugin <= 0.8.39 versions.

CVE-2023-23971: WordPress WP Time Slots Booking Form plugin <= 1.1.81 - Cross Site Scripting (XSS) - Patchstack

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodePeople WP Time Slots Booking Form plugin <= 1.1.81 versions.