Vulnerabilities > Bestwebsoft

DATE CVE VULNERABILITY TITLE RISK
2021-06-14 CVE-2021-24350 Unspecified vulnerability in Bestwebsoft Visitors Online 0.1/0.2/0.3
The Visitors WordPress plugin through 0.3 is affected by an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability.
network
low complexity
bestwebsoft
6.1
2020-02-06 CVE-2020-8658 Cross-Site Request Forgery (CSRF) vulnerability in Bestwebsoft Htaccess
The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF.
network
low complexity
bestwebsoft CWE-352
8.8
2019-09-20 CVE-2015-9385 Cross-site Scripting vulnerability in Bestwebsoft Quotes and Tips
The quotes-and-tips plugin before 1.20 for WordPress has XSS.
network
low complexity
bestwebsoft CWE-79
6.1
2019-09-20 CVE-2015-9384 Cross-site Scripting vulnerability in Bestwebsoft Relevant
The relevant plugin before 1.0.8 for WordPress has XSS.
network
low complexity
bestwebsoft CWE-79
6.1
2019-08-27 CVE-2017-18590 Cross-site Scripting vulnerability in Bestwebsoft Timesheet
The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues.
network
low complexity
bestwebsoft CWE-79
6.1
2019-08-22 CVE-2015-9335 SQL Injection vulnerability in Bestwebsoft Limit Attempts
The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling.
network
low complexity
bestwebsoft CWE-89
critical
9.8
2019-08-22 CVE-2013-7481 Cross-site Scripting vulnerability in Bestwebsoft Contact Form
The contact-form-plugin plugin before 3.3.5 for WordPress has XSS.
network
low complexity
bestwebsoft CWE-79
6.1
2019-08-21 CVE-2018-20970 Cross-site Scripting vulnerability in Bestwebsoft PDF & Print
The pdf-print plugin before 2.0.3 for WordPress has multiple XSS issues.
network
low complexity
bestwebsoft CWE-79
6.1
2019-08-21 CVE-2017-18562 Cross-site Scripting vulnerability in Bestwebsoft Error LOG Viewer
The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues.
network
low complexity
bestwebsoft CWE-79
6.1
2019-08-21 CVE-2017-18516 Cross-site Scripting vulnerability in Bestwebsoft Linkedin
The bws-linkedin plugin before 1.0.5 for WordPress has multiple XSS issues.
network
low complexity
bestwebsoft CWE-79
6.1