Vulnerabilities > Bestwebsoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-12 CVE-2024-3112 Unrestricted Upload of File with Dangerous Type vulnerability in Bestwebsoft Quotes and Tips
The Quotes and Tips by BestWebSoft WordPress plugin before 1.45 does not properly validate image files uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)
network
low complexity
bestwebsoft CWE-434
4.8
2023-12-26 CVE-2015-10127 Unspecified vulnerability in Bestwebsoft Pluscaptcha
A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic.
network
low complexity
bestwebsoft
6.1
2023-12-26 CVE-2014-125109 Cross-site Scripting vulnerability in Bestwebsoft Portfolio
A vulnerability was found in BestWebSoft Portfolio Plugin up to 2.27.
network
low complexity
bestwebsoft CWE-79
6.1
2023-06-22 CVE-2023-28778 Unspecified vulnerability in Bestwebsoft Pagination
Auth.
network
low complexity
bestwebsoft
4.8
2023-05-31 CVE-2014-125103 Unspecified vulnerability in Bestwebsoft Twitter
A vulnerability was found in BestWebSoft Twitter Plugin up to 1.3.2 on WordPress.
network
low complexity
bestwebsoft
6.1
2023-05-02 CVE-2014-125100 Unspecified vulnerability in Bestwebsoft JOB Board 1.0.0
A vulnerability classified as problematic was found in BestWebSoft Job Board Plugin 1.0.0 on WordPress.
network
low complexity
bestwebsoft
6.1
2023-04-17 CVE-2023-0764 Unspecified vulnerability in Bestwebsoft Gallery
The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scription vulnerability.
network
low complexity
bestwebsoft
5.4
2023-04-16 CVE-2022-44734 Unspecified vulnerability in Bestwebsoft CAR Rental
Auth.
network
low complexity
bestwebsoft
4.8
2023-04-10 CVE-2014-125097 Unspecified vulnerability in Bestwebsoft Facebook Button
A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33.
network
low complexity
bestwebsoft
6.1
2023-04-09 CVE-2014-125095 Unspecified vulnerability in Bestwebsoft Contact Form 1.3.4
A vulnerability was found in BestWebSoft Contact Form Plugin 1.3.4 on WordPress and classified as problematic.
network
low complexity
bestwebsoft
6.1