A vulnerability was found in namithjawahar Wp-Insert up to 2.0.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.9 is able to address this issue. The name of the patch is a07b7b08084b9b85859f3968ce7fde0fd1fcbba3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-259628.
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in namithjawahar Wp-Insert plugin <= 2.5.0 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gabrielperezs TTT Crop ttt-crop allows Reflected XSS.This issue affects TTT Crop: from n/a through <= 1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixelpro Cookies Pro cookies-pro allows Reflected XSS.This issue affects Cookies Pro: from n/a through <= 1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TC.K Advance WP Query Search Filter advance-wp-query-search-filter allows Reflected XSS.This issue affects Advance WP Query Search Filter: from n/a through <= 1.0.10.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Muneeb Mobile rocket-wp-mobile allows Reflected XSS.This issue affects Mobile: from n/a through <= 1.3.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in grimdonkey Magic the Gathering Card Tooltips magic-the-gathering-card-tooltips allows Stored XSS.This issue affects Magic the Gathering Card Tooltips: from n/a through <= 3.5.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Frank In Stock Mailer for WooCommerce in-stock-mailer-for-woocommerce allows Reflected XSS.This issue affects In Stock Mailer for WooCommerce: from n/a through <= 2.1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yendif Player Another Events Calendar another-events-calendar allows Reflected XSS.This issue affects Another Events Calendar: from n/a through <= 1.7.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in matiskiba Ravpage ravpage allows Reflected XSS.This issue affects Ravpage: from n/a through <= 2.33.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in caalami Advanced Custom Fields: Link Picker Field acf-link-picker-field allows Reflected XSS.This issue affects Advanced Custom Fields: Link Picker Field: from n/a through <= 1.2.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle Maurer Display Post Meta display-post-meta allows Reflected XSS.This issue affects Display Post Meta: from n/a through <= 2.4.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nghorta sidebarTabs sidebartabs allows Reflected XSS.This issue affects sidebarTabs: from n/a through <= 3.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristopher Dino IE CSS3 Support ie-css3-support allows Reflected XSS.This issue affects IE CSS3 Support: from n/a through <= 2.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KKWangen WP Contact Form III wp-contact-form-iii allows Reflected XSS.This issue affects WP Contact Form III: from n/a through <= 1.6.2d.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in takumin WP Simple Slideshow wp-simple-slideshow allows Reflected XSS.This issue affects WP Simple Slideshow: from n/a through <= 1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in abelony Events Planner events-planner allows Reflected XSS.This issue affects Events Planner: from n/a through <= 1.3.10.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rock Solid Responsive Modal Builder for High Conversion – Easy Popups easy-popups allows Reflected XSS.This issue affects Responsive Modal Builder for High Conversion – Easy Popups: from n/a through <= 1.5.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DyadyaLesha DL Leadback dl-leadback allows Reflected XSS.This issue affects DL Leadback: from n/a through <= 1.2.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sureshdsk Bootstrap collapse bootstrap-collapse allows Stored XSS.This issue affects Bootstrap collapse: from n/a through <= 1.0.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood Alphabetic Pagination alphabetic-pagination allows Reflected XSS.This issue affects Alphabetic Pagination: from n/a through <= 3.2.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Max K UTM tags tracking for Contact Form 7 cf7-utm-tracking allows Reflected XSS.This issue affects UTM tags tracking for Contact Form 7: from n/a through <= 2.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nicola Mustone WP Discord Post wp-discord-post allows Reflected XSS.This issue affects WP Discord Post: from n/a through <= 2.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dang Ngoc Binh Zalo Live Chat zalo-live-chat allows Reflected XSS.This issue affects Zalo Live Chat: from n/a through <= 1.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodeSolz Bitcoin / AltCoin Payment Gateway for WooCommerce woo-altcoin-payment-gateway allows Reflected XSS.This issue affects Bitcoin / AltCoin Payment Gateway for WooCommerce: from n/a through <= 1.7.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in videowhisper Picture Gallery picture-gallery allows Reflected XSS.This issue affects Picture Gallery: from n/a through <= 1.6.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in expresstechsoftware MemberPress Discord Addon expresstechsoftwares-memberpress-discord-add-on allows Reflected XSS.This issue affects MemberPress Discord Addon: from n/a through <= 1.1.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in badrHan Naver Syndication V2 badr-naver-syndication allows Stored XSS.This issue affects Naver Syndication V2: from n/a through <= 0.8.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JamRizzi Technologies Rizzi Guestbook rizzi-guestbook allows Reflected XSS.This issue affects Rizzi Guestbook: from n/a through <= 4.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kagla GNUPress gnupress allows Reflected XSS.This issue affects GNUPress: from n/a through <= 0.2.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fastflow Fast Flow fast-flow-dashboard allows Reflected XSS.This issue affects Fast Flow: from n/a through <= 1.2.16.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spring Devs Pre Order Addon for WooCommerce – Advance Order/Backorder Plugin wc-pre-order allows Reflected XSS.This issue affects Pre Order Addon for WooCommerce – Advance Order/Backorder Plugin: from n/a through <= 2.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryan Sutana WP App Bar wp-app-bar allows Reflected XSS.This issue affects WP App Bar: from n/a through <= 1.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zzmaster WP AntiDDOS wpantiddos allows Reflected XSS.This issue affects WP AntiDDOS: from n/a through <= 2.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in videowhisper MicroPayments paid-membership allows Reflected XSS.This issue affects MicroPayments: from n/a through <= 3.2.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kagla GNUCommerce gnucommerce allows Reflected XSS.This issue affects GNUCommerce: from n/a through <= 1.5.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kdmurray Random Image Selector random-image-selector allows Reflected XSS.This issue affects Random Image Selector: from n/a through <= 2.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Infility Infility Global infility-global allows Stored XSS.This issue affects Infility Global: from n/a through <= 2.15.11.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Thorsten Ott Debug-Bar-Extender debug-bar-extender allows Reflected XSS.This issue affects Debug-Bar-Extender: from n/a through <= 0.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Travis Ballard TBTestimonials tb-testimonials allows Reflected XSS.This issue affects TBTestimonials: from n/a through <= 1.7.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realvirtualmx RVCFDI para Woocommerce rvcfdi-para-woocommerce allows Reflected XSS.This issue affects RVCFDI para Woocommerce: from n/a through <= 8.1.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in viperchill ViperBar viperbar allows Reflected XSS.This issue affects ViperBar: from n/a through <= 2.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Autoglot Autoglot – Automatic WordPress Translation autoglot allows Reflected XSS.This issue affects Autoglot – Automatic WordPress Translation: from n/a through <= 2.4.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webheadcoder WP Log Action wp-log-action allows Reflected XSS.This issue affects WP Log Action: from n/a through <= 0.51.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster wp-mailster allows Reflected XSS.This issue affects WP Mailster: from n/a through <= 1.8.20.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GT3themes Oyster - Photography WordPress Theme oyster allows DOM-Based XSS.This issue affects Oyster - Photography WordPress Theme: from n/a through <= 4.4.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Danish Ali Malik Top Bar – PopUps – by WPOptin wpoptin allows Reflected XSS.This issue affects Top Bar – PopUps – by WPOptin: from n/a through <= 2.0.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SysBasics Customize My Account for WooCommerce customize-my-account-for-woocommerce allows Reflected XSS.This issue affects Customize My Account for WooCommerce: from n/a through <= 2.8.22.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aviplugins.com Contact Form With Shortcode contact-form-with-shortcode allows Reflected XSS.This issue affects Contact Form With Shortcode: from n/a through <= 4.2.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Wishlist wishlist allows Reflected XSS.This issue affects Wishlist: from n/a through <= 1.0.39.