Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through <= 3.5.36.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in flomei Simple-Audioplayer simple-audioplayer allows Stored XSS.This issue affects Simple-Audioplayer: from n/a through <= 1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hiroprot Terms Before Download terms-before-download allows Stored XSS.This issue affects Terms Before Download: from n/a through <= 1.0.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brice Capobianco WP Plugin Info Card wp-plugin-info-card allows DOM-Based XSS.This issue affects WP Plugin Info Card: from n/a through <= 5.3.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mashi Simple Map No Api simple-map-no-api allows Stored XSS.This issue affects Simple Map No Api: from n/a through <= 1.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HelloAsso HelloAsso helloasso.This issue affects HelloAsso: from n/a through <= 1.1.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Icon List Block icon-list-block allows Stored XSS.This issue affects Icon List Block: from n/a through <= 1.2.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric Teubert Podlove Podcast Publisher podlove-podcasting-plugin-for-wordpress allows Stored XSS.This issue affects Podlove Podcast Publisher: from n/a through <= 4.3.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider allows Stored XSS.This issue affects WP TripAdvisor Review Slider: from n/a through <= 14.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alordiel Dropdown Multisite selector dropdown-multisite-selector allows Stored XSS.This issue affects Dropdown Multisite selector: from n/a through < 0.9.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maksym Marko MX Time Zone Clocks mx-time-zone-clocks allows Reflected XSS.This issue affects MX Time Zone Clocks: from n/a through <= 5.1.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bensibley Unlimited unlimited allows Stored XSS.This issue affects Unlimited: from n/a through <= 1.45.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Philip John Author Bio Shortcode author-bio-shortcode allows Stored XSS.This issue affects Author Bio Shortcode: from n/a through <= 2.5.3.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ArtistScope CopySafe Web Protection allows Stored XSS.This issue affects CopySafe Web Protection: from n/a through 3.14.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 MDTF wp-meta-data-filter-and-taxonomy-filter allows DOM-Based XSS.This issue affects MDTF: from n/a through <= 1.3.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DigitalCourt Marketer Addons marketer-addons allows Stored XSS.This issue affects Marketer Addons: from n/a through <= 1.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agency Dominion Inc. Fusion fusion allows DOM-Based XSS.This issue affects Fusion: from n/a through <= 1.6.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noor Alam Magical Addons For Elementor magical-addons-for-elementor allows Stored XSS.This issue affects Magical Addons For Elementor: from n/a through <= 1.4.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpszaki Lightweight and Responsive Youtube Embed lightweight-and-responsive-youtube-embed allows Stored XSS.This issue affects Lightweight and Responsive Youtube Embed: from n/a through <= 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Simpma Embed Calendly embed-calendly-scheduling allows Stored XSS.This issue affects Embed Calendly: from n/a through <= 4.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Brainstorm Force Astra Bulk Edit astra-bulk-edit allows DOM-Based XSS.This issue affects Astra Bulk Edit: from n/a through <= 1.2.10.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Avada Core fusion-core allows DOM-Based XSS.This issue affects Avada Core: from n/a through < 5.15.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IdeaBox Creations PowerPack Addons for Elementor powerpack-lite-for-elementor allows Stored XSS.This issue affects PowerPack Addons for Elementor: from n/a through <= 2.9.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgwhite33 WP Review Slider wp-facebook-reviews allows Stored XSS.This issue affects WP Review Slider: from n/a through <= 13.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in checklistcom Checklist checklist allows Stored XSS.This issue affects Checklist: from n/a through <= 1.1.9.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements.This issue affects Mega Elements: from n/a through 1.2.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hookandhook WP Courses LMS wp-courses allows DOM-Based XSS.This issue affects WP Courses LMS: from n/a through <= 3.2.26.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paolo Melchiorre Send E-mail send-e-mail allows Stored XSS.This issue affects Send E-mail: from n/a through <= 1.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robosoft Robo Gallery robo-gallery allows DOM-Based XSS.This issue affects Robo Gallery: from n/a through <= 5.1.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in snapwidget SnapWidget Social Photo Feed Widget snapwidget-wp-instagram-widget allows DOM-Based XSS.This issue affects SnapWidget Social Photo Feed Widget: from n/a through <= 1.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mischiefmarmot Create by Mediavine mediavine-create.This issue affects Create by Mediavine: from n/a through <= 1.9.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StaxWP Elementor Addons, Widgets and Enhancements – Stax stax-addons-for-elementor allows DOM-Based XSS.This issue affects Elementor Addons, Widgets and Enhancements – Stax: from n/a through <= 1.5.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post allows DOM-Based XSS.This issue affects PostX: from n/a through <= 4.1.25.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCone ConeBlog – WordPress Blog Widgets coneblog-widgets.This issue affects ConeBlog – WordPress Blog Widgets: from n/a through <= 1.4.8.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in immonex immonex Kickstart immonex-kickstart allows Stored XSS.This issue affects immonex Kickstart: from n/a through <= 1.13.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Northern Beaches Websites WP Custom Admin Interface wp-custom-admin-interface allows DOM-Based XSS.This issue affects WP Custom Admin Interface: from n/a through <= 7.42.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adrian Tobey FormLift for Infusionsoft Web Forms formlift allows Stored XSS.This issue affects FormLift for Infusionsoft Web Forms: from n/a through <= 7.5.19.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toocheke Toocheke Companion toocheke-companion allows DOM-Based XSS.This issue affects Toocheke Companion: from n/a through <= 1.194.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gosign Gosign – Posts Slider Block gosign-posts-slider-block allows Stored XSS.This issue affects Gosign – Posts Slider Block: from n/a through <= 1.1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Event Post themify-event-post allows Stored XSS.This issue affects Themify Event Post: from n/a through <= 1.3.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Elementor Elementor Website Builder elementor allows DOM-Based XSS.This issue affects Elementor Website Builder: from n/a through <= 3.35.5.
Cross Site Scripting (XSS) vulnerability in Automattic Newspack Ads allows Stored XSS.This issue affects Newspack Ads: from n/a through 1.47.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpszaki Lightweight and Responsive Youtube Embed lightweight-and-responsive-youtube-embed allows Stored XSS.This issue affects Lightweight and Responsive Youtube Embed: from n/a through <= 1.0.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Binsaifullah Posten posten-post-blocks allows DOM-Based XSS.This issue affects Posten: from n/a through <= 0.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows DOM-Based XSS.This issue affects Active Products Tables for WooCommerce: from n/a through <= 1.0.7.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in bPlugins Html5 Audio Player allows Stored XSS.This issue affects Html5 Audio Player: from n/a through 2.2.23.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 Bicycleshop bicycleshop allows DOM-Based XSS.This issue affects Bicycleshop: from n/a through <= 1.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Blocks – Gutenberg Blocks for WordPress premium-blocks-for-gutenberg.This issue affects Premium Blocks – Gutenberg Blocks for WordPress: from n/a through <= 2.1.27.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gutenberg Team Gutenberg allows Stored XSS.This issue affects Gutenberg: from n/a through 18.6.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in milan.latinovic WP Chrono wp-chrono allows DOM-Based XSS.This issue affects WP Chrono: from n/a through <= 1.5.4.