Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Akhtarujjaman Shuvo Bootstrap Shortcodes Ultimate allows Stored XSS.This issue affects Bootstrap Shortcodes Ultimate: from n/a through 4.3.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Automattic WooCommerce, Automattic WooCommerce Blocks allows Stored XSS.This issue affects WooCommerce: from n/a through 8.1.1; WooCommerce Blocks: from n/a through 11.1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Namaste! LMS namaste-lms allows Stored XSS.This issue affects Namaste! LMS: from n/a through <= 2.6.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bamboo Mcr Bamboo Columns plugin <= 1.6.1 versions.
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Chris Yee MomentoPress for Momento360 plugin <= 1.0.1 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrestaProject Attesa Extra attesa-extra allows Stored XSS.This issue affects Attesa Extra: from n/a through <= 1.4.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh KUMAR Mukhiya Anywhere Flash Embed plugin <= 1.0.5 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in grandslambert Better RSS Widget plugin <= 2.8.1 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Justin Tadlock Series series allows Stored XSS.This issue affects Series: from n/a through <= 2.0.1.
phpipam 1.6 is vulnerable to Cross Site Scripting (XSS) via /app/tools/request-ip/index.php.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LayerSlider plugin <= 7.7.9 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pagup Bulk Auto Image Title Attribute bulk-image-title-attribute allows DOM-Based XSS.This issue affects Bulk Auto Image Title Attribute: from n/a through <= 2.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Quiz And Survey Master plugin <= 8.1.13 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ersatzpole ML Responsive Audio player with playlist Shortcode mlr-audio allows Stored XSS.This issue affects ML Responsive Audio player with playlist Shortcode: from n/a through <= 0.2.
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Bright Plugins Pre-Orders for WooCommerce plugin <= 1.2.13 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thinkupthemes Minamaze minamaze allows Stored XSS.This issue affects Minamaze: from n/a through <= 1.10.1.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.5.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in clicklabs® Medienagentur Download Button for Elementor allows Stored XSS.This issue affects Download Button for Elementor: from n/a through 1.2.1.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Skill Bar allows Stored XSS.This issue affects SKT Skill Bar: from n/a through 2.0.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Calendar.Online Calendar.Online / Kalender.Digital allows Stored XSS.This issue affects Calendar.Online / Kalender.Digital: from n/a through 1.0.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP CodeUs Advanced Sermons advanced-sermons allows Stored XSS.This issue affects Advanced Sermons: from n/a through <= 3.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Funnelforms Funnelforms Free funnelforms-free allows DOM-Based XSS.This issue affects Funnelforms Free: from n/a through <= 3.8.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Noor-E-Alam Amazing Hover Effects allows Stored XSS.This issue affects Amazing Hover Effects: from n/a through 2.4.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Qode Qi Blocks qi-blocks.This issue affects Qi Blocks: from n/a through <= 1.3.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FameThemes OnePress allows Stored XSS.This issue affects OnePress: from n/a through 2.3.8.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Gibson WP GoToWebinar allows Stored XSS.This issue affects WP GoToWebinar: from n/a through 15.7.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BannerSky.Com BSK PDF Manager allows Stored XSS.This issue affects BSK PDF Manager: from n/a through 3.6.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YMC Filter & Grids allows Stored XSS.This issue affects Filter & Grids: from n/a through 2.9.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Builderall Builderall Builder for WordPress builderall-cheetah-for-wp allows Stored XSS.This issue affects Builderall Builder for WordPress: from n/a through <= 3.0.1.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BurgerThemes CoziPress allows Stored XSS.This issue affects CoziPress: from n/a through 1.0.30.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FunnelKit SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels) allows Stored XSS.This issue affects SlingBlocks – Gutenberg Blocks by FunnelKit (Formerly WooFunnels): from n/a through 1.4.1.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in J.N. Breetvelt a.K.A. OpaJaap WP Photo Album Plus allows Stored XSS.This issue affects WP Photo Album Plus: from n/a through 8.8.02.002.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 3.0.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jegstudio Gutenverse allows Stored XSS.This issue affects Gutenverse: from n/a through 1.9.2.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.5.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LiquidPoll LiquidPoll – Advanced Polls for Creators and Brands.This issue affects LiquidPoll – Advanced Polls for Creators and Brands: from n/a through 3.3.77.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magicoders ACF Recent Posts Widget acf-recent-posts-widget allows Stored XSS.This issue affects ACF Recent Posts Widget: from n/a through <= 5.9.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPDeveloper Essential Addons for Elementor essential-addons-for-elementor-lite.This issue affects Essential Addons for Elementor: from n/a through <= 5.9.26.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ali Rahimi Goftino allows Stored XSS.This issue affects Goftino: from n/a through 1.6.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Reviews.Co.Uk REVIEWS.Io allows Stored XSS.This issue affects REVIEWS.Io: from n/a through 1.2.7.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through 5.6.11.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Job Board Manager allows Stored XSS.This issue affects Job Board Manager: from n/a through 2.1.57.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EazyDocs eazydocs allows Stored XSS.This issue affects EazyDocs: from n/a through 2.5.0.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ExtendThemes Kubio AI Page Builder.This issue affects Kubio AI Page Builder: from n/a through 2.2.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt McInvale Next Page, Not Next Post next-page-not-next-post allows Stored XSS.This issue affects Next Page, Not Next Post: from n/a through <= 0.3.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sayan Datta WP Last Modified Info wp-last-modified-info allows Stored XSS.This issue affects WP Last Modified Info: from n/a through <= 1.9.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wowDevs Sky Addons for Elementor sky-elementor-addons.This issue affects Sky Addons for Elementor: from n/a through <= 2.5.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jannis Thuemmig Email Encoder plugin <= 2.1.8 versions.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xylus Themes WP Event Aggregator allows Stored XSS.This issue affects WP Event Aggregator: from n/a through 1.7.9.
The Giveaways and Contests by RafflePress WordPress plugin before 1.12.14 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks