| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aftab Husain Vertical Carousel vertical-carousel-slider allows Stored XSS.This issue affects Vertical Carousel: from n/a through <= 1.0.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Andrea Pernici Third Party Cookie Eraser third-party-cookie-eraser allows Stored XSS.This issue affects Third Party Cookie Eraser: from n/a through <= 1.0.2. |
| Cross-Site Request Forgery (CSRF) vulnerability in Irish_Cathal Out Of Stock Badge out-of-stock-badge allows Cross Site Request Forgery.This issue affects Out Of Stock Badge: from n/a through <= 2.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in CultBooking CultBooking Hotel Booking Engine cultbooking-booking-engine allows Stored XSS.This issue affects CultBooking Hotel Booking Engine: from n/a through <= 2.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Berg Informatik Stripe Donation bin-stripe-donation allows Stored XSS.This issue affects Stripe Donation: from n/a through <= 1.2.5. |
| Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online build-app-online allows Cross Site Request Forgery.This issue affects Build App Online: from n/a through <= 1.0.23. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Plugin Devs Post Carousel Slider for Elementor post-carousel-slider-for-elementor allows Stored XSS.This issue affects Post Carousel Slider for Elementor: from n/a through <= 1.5.0. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Terry L. WP Mermaid wp-mermaid allows Stored XSS.This issue affects WP Mermaid: from n/a through <= 1.0.2. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nutttaro Video Player for WPBakery video-player-for-wpbakery allows Stored XSS.This issue affects Video Player for WPBakery: from n/a through <= 1.0.1. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FlickDevs Elementor Button Plus fd-elementor-button-plus allows Stored XSS.This issue affects Elementor Button Plus: from n/a through <= 1.3.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 코스모스팜 – Cosmosfarm 소셜 공유 버튼 By 코스모스팜 cosmosfarm-share-buttons allows Stored XSS.This issue affects 소셜 공유 버튼 By 코스모스팜: from n/a through <= 1.9. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SkyBootstrap Elementor Image Gallery Plugin skyboot-portfolio-gallery allows Stored XSS.This issue affects Elementor Image Gallery Plugin: from n/a through <= 1.0.5. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aezaz Shaikh Countdown Timer for Elementor countdown-timer-for-elementor allows Stored XSS.This issue affects Countdown Timer for Elementor: from n/a through <= 1.3.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prism I.T. Systems Multilevel Referral Affiliate Plugin for WooCommerce multilevel-referral-plugin-for-woocommerce allows Reflected XSS.This issue affects Multilevel Referral Affiliate Plugin for WooCommerce: from n/a through <= 2.27. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Garrett Grimm Simple Popup simple-popup-plugin allows DOM-Based XSS.This issue affects Simple Popup: from n/a through <= 4.6. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPSwings WooCommerce Ultimate Gift Card woocommerce-ultimate-gift-card allows Reflected XSS.This issue affects WooCommerce Ultimate Gift Card: from n/a through < 2.9.1. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor cryptocurrency-widgets-for-elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elementor: from n/a through <= 1.6.4. |
| Server-Side Request Forgery (SSRF) vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Server Side Request Forgery.This issue affects Asset CleanUp: Page Speed Booster: from n/a through <= 1.3.9.8. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in brandtoss WP Mailster wp-mailster allows Stored XSS.This issue affects WP Mailster: from n/a through <= 1.8.16.0. |
| Cross-Site Request Forgery (CSRF) vulnerability in Jason Grim Custom Shortcode Sidebars custom-shortcode-sidebars allows Stored XSS.This issue affects Custom Shortcode Sidebars: from n/a through <= 1.2. |
