Search Results (47133 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-34650 1 Wpwax 1 Team 2025-02-20 4.1 Medium
Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress.
CVE-2022-33943 1 Bxslider Wp Project 1 Bxslider Wp 2025-02-20 5.4 Medium
Authenticated (contributor or higher user role) Cross-Site Scripting (XSS) vulnerability in Nico Amarilla's BxSlider WP plugin <= 2.0.0 at WordPress.
CVE-2022-35882 1 Gsplugins 1 Gs Testimonial Slider 2025-02-20 4.8 Medium
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in GS Plugins GS Testimonial Slider plugin <= 1.9.5 at WordPress.
CVE-2022-36378 1 Floating Div Project 1 Floating Div 2025-02-20 4.8 Medium
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Floating Div plugin <= 3.0 at WordPress.
CVE-2022-36343 1 Ideastocode 1 Enable Svg\, Webp \& Ico Upload 2025-02-20 3.4 Low
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress.
CVE-2021-36847 1 Webba-booking 1 Webba Booking 2025-02-20 4.8 Medium
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WebbaPlugins Webba Booking plugin <= 4.2.21 at WordPress.
CVE-2021-36857 1 Wpshopmart 1 Testimonial Builder 2025-02-20 4.8 Medium
Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress.
CVE-2022-34857 1 Smartypantsplugins 1 Sp Project \& Document Manager 2025-02-20 6.1 Medium
Reflected Cross-Site Scripting (XSS) vulnerability in smartypants SP Project & Document Manager plugin <= 4.59 at WordPress
CVE-2022-34648 1 Uploading Svg\, Webp And Ico Files Project 1 Uploading Svg\, Webp And Ico Files 2025-02-20 4.8 Medium
Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin <= 1.0.1 at WordPress.
CVE-2022-29476 1 8degreethemes 1 Notification Bar 2025-02-20 6.1 Medium
Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in 8 Degree Themes otification Bar for WordPress plugin <= 1.1.8 at WordPress.
CVE-2022-36282 1 Search Exclude Project 1 Search Exclude 2025-02-20 4.8 Medium
Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Roman Pronskiy's Search Exclude plugin <= 1.2.6 at WordPress.
CVE-2022-36341 1 As - Create Pinterest Pinboard Pages Project 1 As - Create Pinterest Pinboard Pages 2025-02-20 5.4 Medium
Authenticated (subscriber+) plugin settings change leading to Stored Cross-Site Scripting (XSS) vulnerability in Akash soni's AS – Create Pinterest Pinboard Pages plugin <= 1.0 at WordPress.
CVE-2022-36347 1 Thealpinepress 1 Alpine Phototile For Pinterest 2025-02-20 4.8 Medium
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alpine Press Alpine PhotoTile for Pinterest plugin <= 1.3.1 at WordPress.
CVE-2022-36405 1 Amcharts 1 Amcharts\ 2025-02-20 5.4 Medium
Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in amCharts: Charts and Maps plugin <= 1.4 at WordPress.
CVE-2022-36796 1 Callrail 1 Callrail Phone Call Tracking 2025-02-20 6.1 Medium
Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in CallRail, Inc. CallRail Phone Call Tracking plugin <= 0.4.9 at WordPress.
CVE-2021-36829 1 Mythemeshop 1 Launcher 2025-02-20 4.8 Medium
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MyThemeShop Launcher: Coming Soon & Maintenance Mode plugin <= 1.0.11 at WordPress.
CVE-2022-34656 1 Wpdevart 1 Poll\, Survey\, Questionnaire And Voting System 2025-02-20 4.8 Medium
Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 at WordPress.
CVE-2022-38068 1 Apasionados 1 Export Post Info 2025-02-20 4.8 Medium
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apasionados Export Post Info plugin <= 1.1.0 at WordPress.
CVE-2022-35725 1 Wp-forecast Project 1 Wp-forecast 2025-02-20 4.8 Medium
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Hans Matzen's wp-forecast plugin <= 7.5 at WordPress.
CVE-2022-40191 1 Contact Form By Mega Forms Project 1 Contact Form By Mega Forms 2025-02-20 5.4 Medium
Authenticated (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Ali Khallad's Contact Form By Mega Forms plugin <= 1.2.4 at WordPress.