Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-28 | CVE-2019-15713 | Cross-site Scripting vulnerability in MY Calendar Project MY Calendar The my-calendar plugin before 3.1.10 for WordPress has XSS. | 4.3 |
| 2019-08-28 | CVE-2017-18593 | Cross-site Scripting vulnerability in Updraftplus The updraftplus plugin before 1.13.5 for WordPress has XSS in rare cases where an attacker controls a string logged to a log file. | 4.3 |
| 2019-08-28 | CVE-2015-9368 | Cross-site Scripting vulnerability in Ithemes Easy EU Value Added (Vat) Taxes Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9367 | Cross-site Scripting vulnerability in Ithemes Easy Canadian Sales Taxes Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9366 | Cross-site Scripting vulnerability in Ithemes Custom URL Tracking Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9365 | Cross-site Scripting vulnerability in Ithemes Authorize.Net Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9364 | Cross-site Scripting vulnerability in 2Checkout Ithemes 2Checkout 2Checkout Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9363 | Cross-site Scripting vulnerability in Ithemes Exchange iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9362 | Cross-site Scripting vulnerability in Never5 Post Connector The Post Connector plugin before 1.0.4 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9361 | Cross-site Scripting vulnerability in Never5 Related Posts The Related Posts plugin before 1.8.2 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |