| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in BBS e-Theme BBS e-Popup plugin <= 2.4.5 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alexander Semikashev Yandex Metrica Counter plugin <= 1.4.3 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Miled WordPress Social Login plugin <= 3.0.4 versions. |
| Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.
|
| Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The processes filter feature is susceptible to Cross-site scripting. This allows a remote attacker to execute JavaScript code in the context of a currently logged-in user. An attacker could use this vulnerability to make other users endorse or support proposals they have no intention of supporting or endorsing. The problem was patched in version 0.27.3 and 0.26.7.
|
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pascal Casier bbPress Toolkit plugin <= 1.0.12 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in BrokenCrust This Day In History plugin <= 3.10.1 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Miled WordPress Social Login plugin <= 3.0.4 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rakib Hasan Dynamic QR Code Generator plugin <= 0.0.5 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Andy Moyle Church Admin plugin <= 3.7.29 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FiveStarPlugins Five Star Restaurant Reservations plugin <= 2.6.7 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premium Addons for Elementor Premium Addons PRO plugin <= 2.8.24 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ShopConstruct plugin <= 1.1.2 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in submodule of David Lingren Media Library Assistant plugin <= 3.0.7 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Marco Milesi Telegram Bot & Channel plugin <= 3.6.2 versions. |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WooCommerce WooCommerce Box Office plugin <= 1.1.50 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robin Wilson bbp style pack plugin <= 5.5.5 versions. |
| In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Content-Security-Policy and X-XSS-Protection response headers are not implemented, allowing an unauthenticated attacker to attempt reflected cross-site scripting, which could result in disclosure or modification of information.
|
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joaquín Ruiz Easy Admin Menu plugin <= 1.3 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in PluginForage WooCommerce Product Categories Selection Widget plugin <= 2.0 versions. |
