Vulnerabilities > Bestwebsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-26 | CVE-2023-6250 | Cleartext Storage of Sensitive Information vulnerability in Bestwebsoft Like & Share The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses the content of password protected posts to unauthenticated users via a meta tag | 7.5 |
2023-12-26 | CVE-2015-10127 | Cross-site Scripting vulnerability in Bestwebsoft Pluscaptcha A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. | 6.1 |
2023-12-26 | CVE-2014-125109 | Cross-site Scripting vulnerability in Bestwebsoft Portfolio A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.27. | 6.1 |
2023-12-26 | CVE-2012-10017 | Cross-Site Request Forgery (CSRF) vulnerability in Bestwebsoft Portfolio A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.04 on WordPress. | 8.8 |
2023-12-20 | CVE-2023-29096 | SQL Injection vulnerability in Bestwebsoft Contact Form to DB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress.This issue affects Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress: from n/a through 1.7.0. | 8.8 |
2023-11-07 | CVE-2023-36527 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Bestwebsoft Post to CSV Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to CSV by BestWebSoft.This issue affects Post to CSV by BestWebSoft: from n/a through 1.4.0. | 8.8 |
2023-10-31 | CVE-2023-36508 | SQL Injection vulnerability in Bestwebsoft Contact Form to DB Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BestWebSoft Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress contact-form-to-db allows SQL Injection.This issue affects Contact Form to DB by BestWebSoft – Messages Database Plugin For WordPress: from n/a through 1.7.1. | 9.8 |
2023-10-06 | CVE-2023-4469 | Unspecified vulnerability in Bestwebsoft Profile Extra Fields The Profile Extra Fields by BestWebSoft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the prflxtrflds_export_file function in versions up to, and including, 1.2.7. | 5.3 |
2023-06-22 | CVE-2023-28778 | Cross-site Scripting vulnerability in Bestwebsoft Pagination Auth. | 4.8 |
2023-05-31 | CVE-2014-125103 | Cross-site Scripting vulnerability in Bestwebsoft Twitter A vulnerability was found in BestWebSoft Twitter Plugin up to 1.3.2 on WordPress. | 6.1 |