Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 23.1.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Reflected XSS.This issue affects Contest Gallery: from n/a through <= 24.0.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Stored XSS.This issue affects Contest Gallery: from n/a through <= 24.0.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmstactics WP Video Posts wp-video-posts allows Reflected XSS.This issue affects WP Video Posts: from n/a through <= 3.5.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chaozh Simple Post Series simple-post-series allows Reflected XSS.This issue affects Simple Post Series: from n/a through <= 2.4.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZoomIt WooCommerce Shop Page Builder allows Reflected XSS. This issue affects WooCommerce Shop Page Builder: from n/a through 2.27.7.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZoomIt FoodMenu allows Reflected XSS. This issue affects FoodMenu: from n/a through 1.20.
The Order Delivery Date WordPress plugin before 12.4.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shauno NextGEN Gallery Voting nextgen-gallery-voting allows Reflected XSS.This issue affects NextGEN Gallery Voting: from n/a through <= 2.7.6.
The Passbeemedia Web Push Notification WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in toddhuish WP Event Ticketing wpeventticketing allows Reflected XSS.This issue affects WP Event Ticketing: from n/a through <= 1.3.4.
The My Quota WordPress plugin through 1.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sureshdsk Are you robot google recaptcha for wordpress are-you-robot-recaptcha allows Reflected XSS.This issue affects Are you robot google recaptcha for wordpress: from n/a through <= 2.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpeverest User Registration user-registration allows Reflected XSS.This issue affects User Registration: from n/a through <= 5.1.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jotis Blue Captcha blue-captcha allows Reflected XSS.This issue affects Blue Captcha: from n/a through <= 1.7.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cristián Lávaque s2Member s2member allows Reflected XSS.This issue affects s2Member: from n/a through <= 241216.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Deetronix Booking Ultra Pro booking-ultra-pro allows Reflected XSS.This issue affects Booking Ultra Pro: from n/a through <= 1.1.19.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from n/a through 1.9.2 to 2.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 17track 17TRACK for WooCommerce 17track allows Reflected XSS.This issue affects 17TRACK for WooCommerce: from n/a through <= 1.2.10.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpion Live css css-live allows Stored XSS.This issue affects Live css: from n/a through <= 1.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bappa Mal QR Code for WooCommerce wc-qr-codes allows Reflected XSS.This issue affects QR Code for WooCommerce: from n/a through <= 1.2.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Variable Inspector variable-inspector allows Reflected XSS.This issue affects Variable Inspector: from n/a through <= 2.6.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in softdiscover Zigaform – Price Calculator & Cost Estimation Form Builder Lite zigaform-calculator-cost-estimation-form-builder-lite allows Stored XSS.This issue affects Zigaform – Price Calculator & Cost Estimation Form Builder Lite: from n/a through <= 7.4.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeannot Muller flickr-slideshow-wrapper flickr-slideshow-wrapper allows Stored XSS.This issue affects flickr-slideshow-wrapper: from n/a through <= 5.4.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom allows Reflected XSS.This issue affects HTML5 Video Player: from n/a through <= 5.3.5.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in webparexapp Shipmozo Courier Tracking webparex allows Reflected XSS.This issue affects Shipmozo Courier Tracking: from n/a through <= 1.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BjornW File Icons file-icons allows Reflected XSS.This issue affects File Icons: from n/a through <= 2.1.
The Feedify WordPress plugin before 2.4.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in alvego Protected wp-login protected-wp-login allows Reflected XSS.This issue affects Protected wp-login: from n/a through <= 2.1.
The S3Bubble Media Streaming (AWS|Elementor|YouTube|Vimeo Functionality) WordPress plugin through 8.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in andrew_fisher WOO Codice Fiscale woo-codice-fiscale allows Reflected XSS.This issue affects WOO Codice Fiscale: from n/a through <= 1.6.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ollybach WPPizza wppizza allows Reflected XSS.This issue affects WPPizza: from n/a through <= 3.19.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ivan82 User List user-list allows Reflected XSS.This issue affects User List: from n/a through <= 1.5.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in uxgallery WordPress Photo Gallery – Image Gallery photo-image-gallery allows Reflected XSS.This issue affects WordPress Photo Gallery – Image Gallery: from n/a through <= 2.0.4.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alberto Cocchiara DB Tables Import/Export db-tables-importexport allows Reflected XSS.This issue affects DB Tables Import/Export: from n/a through <= 1.0.1.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in divspark Flagged Content flagged-content allows Reflected XSS.This issue affects Flagged Content: from n/a through <= 1.0.2.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Antoine Guillien Restrict Taxonomies restrict-taxonomies allows Reflected XSS.This issue affects Restrict Taxonomies: from n/a through <= 1.3.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hugh Mungus Vice Versa vice-versa allows Reflected XSS.This issue affects Vice Versa: from n/a through <= 2.2.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in phil88530 Simple Email Subscriber simple-email-subscriber allows Reflected XSS.This issue affects Simple Email Subscriber: from n/a through <= 2.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anton Aleksandrov .htaccess Login block htaccess-login-block allows Reflected XSS.This issue affects .htaccess Login block: from n/a through <= 0.9a.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop WooCommerce HTML5 Video woocommerce-html5-video allows Reflected XSS.This issue affects WooCommerce HTML5 Video: from n/a through <= 1.7.10.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gerrygooner Rebuild Permalinks rebuild-permalinks allows Reflected XSS.This issue affects Rebuild Permalinks: from n/a through <= 1.6.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology Small Package Quotes – Unishippers Edition small-package-quotes-unishippers-edition allows Reflected XSS.This issue affects Small Package Quotes – Unishippers Edition: from n/a through <= 2.4.9.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 1pluginjquery ZooEffect 1-jquery-photo-gallery-slideshow-flash allows Reflected XSS.This issue affects ZooEffect: from n/a through <= 1.11.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lynk Flashfader flashfader allows Reflected XSS.This issue affects Flashfader: from n/a through <= 1.1.1.
baserCMS is a website development framework. Prior to version 5.2.3, baserCMS has DOM-based cross-site scripting in tag creation. This issue has been patched in version 5.2.3.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeFusion Fusion Builder fusion-builder allows Reflected XSS.This issue affects Fusion Builder: from n/a through < 3.15.0.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in don-themes Riode riode allows Reflected XSS.This issue affects Riode: from n/a through < 1.6.29.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OOPSpam Team OOPSpam Anti-Spam oopspam-anti-spam allows Stored XSS.This issue affects OOPSpam Anti-Spam: from n/a through <= 1.2.62.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bookly Bookly bookly-responsive-appointment-booking-tool allows Reflected XSS.This issue affects Bookly: from n/a through <= 26.7.