Contributor
GiveWP Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2023-51415 | WordPress Plugin Vulnerability Report
Plugin Name: GiveWP Key Information: Software Type: Plugin Software Slug: give Software Status: Active Software Author: webdevmattcrom Software Downloads: 6,478,131 Active Installs: 100,000 Last Updated: January 19, 2024 Patched Versions: 3.3.0 Affected Versions: <= 3.2.2 Vulnerability Details: Name: GiveWP <= 3.2.2 – Authenticated (Contributor+) Stored Cross-Site Scripting Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) CVE: CVE-2023-51415 CVSS Score: 6.4…
Read MoreWordPress Plugin Vulnerability Report – Import and export users and customers – Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode – CVE-2023-6624
Plugin Name: Import and export users and customers Key Information: Software Type: Plugin Software Slug: import-users-from-csv-with-meta Software Status: Active Software Author: carazo Software Downloads: 3,901,440 Active Installs: 80,000 Last Updated: December 11, 2023 Patched Versions: Affected Versions: Vulnerability Details: Name: Import and export users and customers <= 1.24.3 – Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode Title: Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode Type: Improper Neutralization…
Read More