Posts Tagged ‘XSS Attack’
String Locator Vulnerability – Reflected Cross-Site Scripting – CVE-2023-6987 | WordPress Plugin Vulnerability Report
Plugin Name: String Locator Key Information: Software Type: Plugin Software Slug: string-locator Software Status: Active Software Author: instawp Software Downloads: 1,093,003 Active Installs: 100,000 Last Updated: August 23, 2024 Patched Versions: 2.6.6 Affected Versions: <= 2.6.5 Vulnerability Details: Name: String Locator <= 2.6.5 Title: Reflected Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVE: CVE-2023-6987 CVSS Score: 6.1 Publicly…
Read MoreCustom Permalinks Vulnerability – Authenticated (Editor+) Stored Cross-Site Scripting – CVE-2023-0926 | WordPress Plugin Vulnerability Report
Plugin Name: Custom Permalinks Key Information: Software Type: Plugin Software Slug: custom-permalinks Software Status: Active Software Author: sasiddiqui Software Downloads: 2,177,680 Active Installs: 100,000 Last Updated: August 23, 2024 Patched Versions: 2.7.0 Affected Versions: <= 2.6.0 Vulnerability Details: Name: Custom Permalinks <= 2.6.0 Title: Authenticated (Editor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N CVE: CVE-2023-0926 CVSS Score:…
Read MoreResponsive Lightbox & Gallery Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via File Upload – CVE-2024-6870 | WordPress Plugin Vulnerability Report
Plugin Name: Responsive Lightbox & Gallery Key Information: Software Type: Plugin Software Slug: responsive-lightbox Software Status: Active Software Author: dfactory Software Downloads: 5,285,709 Active Installs: 200,000 Last Updated: August 23, 2024 Patched Versions: 2.4.8 Affected Versions: <= 2.4.7 Vulnerability Details: Name: Responsive Lightbox & Gallery <= 2.4.7 Title: Authenticated (Author+) Stored Cross-Site Scripting via File…
Read MoreOrbit Fox by ThemeIsle Vulnerability – Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload – CVE-2024-7778 | WordPress Plugin Vulnerability Report
Plugin Name: Orbit Fox by ThemeIsle Key Information: Software Type: Plugin Software Slug: themeisle-companion Software Status: Active Software Author: themeisle Software Downloads: 11,901,676 Active Installs: 200,000 Last Updated: August 23, 2024 Patched Versions: 2.10.37 Affected Versions: <= 2.10.36 Vulnerability Details: Name: Orbit Fox by ThemeIsle <= 2.10.36 Title: Authenticated (Author+) Stored Cross-Site Scripting via SVG…
Read MoreJeg Elementor Kit Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget – CVE-2024-3161 | WordPress Plugin Vulnerability Report
Plugin Name: Jeg Elementor Kit Key Information: Software Type: Plugin Software Slug: jeg-elementor-kit Software Status: Active Software Author: jegtheme Software Downloads: 1,207,029 Active Installs: 200,000 Last Updated: May 10, 2024 Patched Versions: 2.6.5 Affected Versions: <= 2.6.4 Vulnerability Details: Name: Jeg Elementor Kit <= 2.6.4 Title: Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget Type:…
Read MorePremium Addons for Elementor Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-4203 | WordPress Plugin Vulnerability Report
Plugin Name: Premium Addons for Elementor Key Information: Software Type: Plugin Software Slug: premium-addons-for-elementor Software Status: Active Software Author: leap13 Software Downloads: 31,890,759 Active Installs: 700,000 Last Updated: May 13, 2024 Patched Versions: 4.10.31 Affected Versions: <= 4.10.30 Vulnerability Details: Name: Premium Addons for Elementor <= 4.10.30 Title: Authenticated (Contributor+) Stored Cross-Site Scripting Type: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N…
Read MoreComments – wpDiscuz Vulnerability – Authenticated Stored Cross-Site Scripting via Uploaded Image Alternative Text – CVE-2024-2477 | WordPress Plugin Vulnerability Report
Plugin Name: Comments – wpDiscuz Key Information: Software Type: Plugin Software Slug: wpdiscuz Software Status: Active Software Author: advancedcoding Software Downloads: 3,284,736 Active Installs: 80,000 Last Updated: May 9, 2024 Patched Versions: 7.6.16 Affected Versions: <= 7.6.15 Vulnerability Details: Name: wpDiscuz <= 7.6.15 Title: Authenticated (Author+) Stored Cross-Site Scripting via Uploaded Image Alternative Text Type:…
Read MoreSchema & Structured Data for WP & AMP Vulnerability – Authenticated (Contributor+) Stored Cross-Site Scripting via How To and FAQ Blocks – CVE-2024-3491 | WordPress Plugin Vulnerability Report
Plugin Name: Schema & Structured Data for WP & AMP Key Information: Software Type: Plugin Software Slug: schema-and-structured-data-for-wp Software Status: Active Software Author: magazine3 Software Downloads: 5,175,623 Active Installs: 100,000 Last Updated: May 6, 2024 Patched Versions: 1.30 Affected Versions: <= 1.29 Vulnerability Details: Name: Schema & Structured Data for WP & AMP <= 1.29…
Read MoreLearnPress Vulnerability – WordPress LMS Plugin – Authenticated (Contributor+) Stored Cross-Site Scripting – CVE-2024-3560 | WordPress Plugin Vulnerability Report
Plugin Name: LearnPress – WordPress LMS Plugin Key Information: Software Type: Plugin Software Slug: learnpress Software Status: Active Software Author: thimpress Software Downloads: 4,188,254 Active Installs: 90,000 Last Updated: May 2, 2024 Patched Versions: 4.2.6.5 Affected Versions: <= 4.2.6.4 Vulnerability Details: Name: LearnPress – WordPress LMS Plugin <= 4.2.6.4 Title: Authenticated (Contributor+) Stored Cross-Site Scripting…
Read MoreHT Mega Vulnerability – Absolute Addons For Elementor – Multiple Vulnerabilities – Various CVEs |WordPress Plugin Vulnerability Report
Plugin Name: HT Mega – Absolute Addons For Elementor Key Information: Software Type: Plugin Software Slug: ht-mega-for-elementor Software Status: Active Software Author: devitemsllc Software Downloads: 3,754,207 Active Installs: 100,000 Last Updated: April 26, 2024 Patched Versions: 2.4.7, 2.4.9 Affected Versions: <= 2.4.6, <= 2.4.8 Vulnerability Details: Name: HT Mega – Absolute Addons For Elementor <=…
Read More