Search Results (47133 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-29426 1 2joomla 1 2j Slideshow 2025-02-20 5.4 Medium
Authenticated (contributor or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team's Slideshow, Image Slider by 2J plugin <= 1.3.54 at WordPress.
CVE-2022-29428 1 Muneeb 1 Wp Slider 2025-02-20 4.1 Medium
Cross-Site Scripting (XSS) vulnerability in Muneeb's WP Slider Plugin <= 1.4.5 at WordPress.
CVE-2022-29430 1 Png To Jpg Project 1 Png To Jpg 2025-02-20 4.7 Medium
Cross-Site Scripting (XSS) vulnerability in KubiQ's PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF). Vulnerable parameter &jpg_quality.
CVE-2022-29432 1 Tms-outsource 1 Wpdatatables 2025-02-20 3.4 Low
Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable parameters.
CVE-2022-29408 1 Vsourz 1 Advanced Cf7 Db 2025-02-20 4.7 Medium
Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital's Advanced Contact form 7 DB plugin <= 1.8.7 at WordPress.
CVE-2021-36866 1 Fatcatapps 1 Easy Pricing Tables 2025-02-20 4.8 Medium
Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Easy Pricing Tables plugin <= 3.1.2 at WordPress.
CVE-2022-29455 1 Elementor 1 Website Builder 2025-02-20 4.7 Medium
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
CVE-2021-36901 1 Asylumdigital 1 Age Gate 2025-02-20 6.1 Medium
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Phil Baker's Age Gate plugin <= 2.17.0 at WordPress.
CVE-2022-27859 1 Nicdark 1 Nd-travel 2025-02-20 4.1 Medium
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. Travel Management plugin <= 2.0 at WordPress.
CVE-2022-29406 1 Dynamicweblab 1 Wp-team-manager 2025-02-20 4.1 Medium
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in DynamicWebLab's WordPress Team Manager plugin <= 1.6.9 at WordPress.
CVE-2022-29438 1 Nextcode 1 Image Slider By Nextcode 2025-02-20 4.8 Medium
Authenticated (author or higher user role) Persistent Cross-Site Scripting (XSS) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress.
CVE-2022-29440 1 Promotion Slider Project 1 Promotion Slider 2025-02-20 5.4 Medium
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Promotion Slider plugin <= 3.3.4 at WordPress.
CVE-2022-29442 1 Private Messages Project 1 Private Messages 2025-02-20 5.4 Medium
Authenticated (subscriber or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Messages For WordPress <= 2.1.10 at WordPress.
CVE-2022-29443 1 Nicdark 1 Hotel Booking 2025-02-20 4.1 Medium
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark's Hotel Booking plugin <= 3.0 at WordPress.
CVE-2022-28612 1 Custom Popup Builder Project 1 Custom Popup Builder 2025-02-20 5.4 Medium
Improper Access Control vulnerability leading to multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Muneeb's Custom Popup Builder plugin <= 1.3.1 at WordPress.
CVE-2022-29452 1 Atlasgondal 1 Export All Urls 2025-02-20 3.4 Low
Authenticated (editor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Export All URLs plugin <= 4.1 at WordPress.
CVE-2022-32280 1 Xakuro 1 Xo Slider 2025-02-20 5.4 Medium
Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Xakuro's XO Slider plugin <= 3.3.2 at WordPress.
CVE-2021-36849 1 Social Media Share Buttons Project 1 Social Media Share Buttons 2025-02-20 3.4 Low
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in René Hermenau's Social Media Share Buttons plugin <= 3.8.1 at WordPress.
CVE-2022-30536 1 Wp Maintenance Project 1 Wp Maintenance 2025-02-20 3.4 Low
Authenticated Stored Cross-Site Scripting (XSS) vulnerability in Florent Maillefaud's WP Maintenance plugin <= 6.0.7 at WordPress.
CVE-2022-34853 1 Wpwax 1 Team 2025-02-20 4.1 Medium
Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress.