Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Milan Petrovic GD Security Headers plugin <= 1.6.1 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.3.2 versions.
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in UserFeedback Team User Feedback plugin <= 1.0.7 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Contempoinc Real Estate 7 WordPress theme <= 3.3.1 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Teplitsa of social technologies Leyka plugin <= 3.30.2 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zaymund TM Islamic Helper tm-islamic-helper allows Reflected XSS.This issue affects TM Islamic Helper: from n/a through <= 1.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in photonicgnostic Library Bookshelves library-bookshelves allows Reflected XSS.This issue affects Library Bookshelves: from n/a through <= 5.8.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Molongui Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors – Molongui plugin <= 4.6.19 versions.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anmari amr shortcodes amr-shortcodes allows Reflected XSS.This issue affects amr shortcodes: from n/a through <= 1.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in goqsystem GoQMieruca goqmieruca allows Reflected XSS.This issue affects GoQMieruca: from n/a through <= 1.0.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brainvireinfo Dynamic URL SEO dynamic-url-seo allows Reflected XSS.This issue affects Dynamic URL SEO: from n/a through <= 1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eduNEXT Open edX LMS allows Reflected XSS.This issue affects Open edX LMS: from n/a through 2.6.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Weather Atlas Weather Atlas Widget weather-atlas allows Reflected XSS.This issue affects Weather Atlas Widget: from n/a through <= 3.0.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in venusweb Logtik logtik allows Reflected XSS.This issue affects Logtik: from n/a through <= 2.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rafalautopilot Ortto autopilot allows Reflected XSS.This issue affects Ortto: from n/a through <= 1.0.19.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dhrubok Infotech Services Ltd. WooCommerce Price Alert price-alert-woocommerce allows Reflected XSS.This issue affects WooCommerce Price Alert: from n/a through <= 1.0.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpoets Awesome Studio awesome-studio allows Reflected XSS.This issue affects Awesome Studio: from n/a through <= 2.4.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sandeep Verma HTML5 Lyrics Karaoke Player html5-lyrics-karaoke-player allows Reflected XSS.This issue affects HTML5 Lyrics Karaoke Player: from n/a through <= 2.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in e4jvikwp VikRestaurants vikrestaurants allows Reflected XSS.This issue affects VikRestaurants: from n/a through <= 1.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AndonDesign UDesign u-design allows Reflected XSS.This issue affects UDesign: from n/a through <= 4.14.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup UberSlider Ultra uberSlider_ultra allows Reflected XSS.This issue affects UberSlider Ultra: from n/a through <= 2.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in goqsystem GoQSmile goqsmile allows Reflected XSS.This issue affects GoQSmile: from n/a through <= 1.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows Reflected XSS.This issue affects AllInOne - Banner Rotator: from n/a through <= 3.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LeadBoxer LeadBoxer leadboxer allows Reflected XSS.This issue affects LeadBoxer: from n/a through <= 1.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in atarapay AtaraPay WooCommerce Payment Gateway atarapay-woocommerce allows Reflected XSS.This issue affects AtaraPay WooCommerce Payment Gateway: from n/a through <= 2.0.13.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BoldThemes ReConstruction reconstruction allows Reflected XSS.This issue affects ReConstruction: from n/a through <= 1.4.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Igor Benic LeanPress leanpress allows Reflected XSS.This issue affects LeanPress: from n/a through <= 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Astoundify Listify listify allows Reflected XSS.This issue affects Listify: from n/a through <= 3.2.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Data443 Risk Mitigation, Inc. LGPD Framework lgpd-framework allows Reflected XSS.This issue affects LGPD Framework: from n/a through <= 2.0.2.
The wp-affiliate-platform WordPress plugin before 6.5.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in user change them via a CSRF attack
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sizam RH Frontend Publishing Pro rh-frontend allows Reflected XSS.This issue affects RH Frontend Publishing Pro: from n/a through < 4.3.4.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in petesheppard84 Extensions for Elementor allows Reflected XSS.This issue affects Extensions for Elementor: from n/a through 2.0.37.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in p-themes Porto porto allows Reflected XSS.This issue affects Porto: from n/a through <= 7.6.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JanStudio Claue - Clean, Minimal Elementor WooCommerce Theme claue allows Reflected XSS.This issue affects Claue - Clean, Minimal Elementor WooCommerce Theme: from n/a through <= 2.2.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in youneeq Youneeq Recommendations youneeq-panel allows Reflected XSS.This issue affects Youneeq Recommendations: from n/a through <= 3.0.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in fox-themes Awa Plugins awa-plugins allows Reflected XSS.This issue affects Awa Plugins: from n/a through <= 1.4.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter Westwood Post By Email post-by-email allows Reflected XSS.This issue affects Post By Email: from n/a through <= 1.0.4b.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup LambertGroup - AllInOne - Content Slider all-in-one-contentSlider allows Reflected XSS.This issue affects LambertGroup - AllInOne - Content Slider: from n/a through <= 3.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGoods Musico musico allows Reflected XSS.This issue affects Musico: from n/a through < 3.4.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup LambertGroup - AllInOne - Banner with Thumbnails all-in-one-thumbnailsBanner allows Reflected XSS.This issue affects LambertGroup - AllInOne - Banner with Thumbnails: from n/a through <= 3.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Explara Explara Events explara-events allows Reflected XSS.This issue affects Explara Events: from n/a through <= 0.1.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacob Schwartz WP e-Commerce Style Email wp-e-commerce-style-email allows Reflected XSS.This issue affects WP e-Commerce Style Email: from n/a through <= 0.6.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in August Infotech AI Responsive Gallery Album ai-responsive-gallery-album allows Reflected XSS.This issue affects AI Responsive Gallery Album: from n/a through <= 1.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CactusThemes Gameplan gameplan allows Reflected XSS.This issue affects Gameplan: from n/a through <= 1.5.10.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in deepintowp Wc Recently viewed products wc-recently-viewed-products allows Reflected XSS.This issue affects Wc Recently viewed products: from n/a through <= 1.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PixFort pixfort Core pixfort-core allows Reflected XSS.This issue affects pixfort Core: from n/a through <= 3.2.22.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CridioStudio ListingPro listingpro-plugin allows Reflected XSS.This issue affects ListingPro: from n/a through <= 2.9.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yes We Work Fabrica Synced Pattern Instances fabrica-reusable-block-instances allows Reflected XSS.This issue affects Fabrica Synced Pattern Instances: from n/a through <= 1.0.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh Kohlbach Jigoshop – Store Exporter jigoshop-exporter allows Reflected XSS.This issue affects Jigoshop – Store Exporter: from n/a through <= 1.5.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zaus Forms: 3rd-Party Post Again forms-3rdparty-post-again allows Reflected XSS.This issue affects Forms: 3rd-Party Post Again: from n/a through <= 0.3.