Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-13 | CVE-2015-9302 | Cross-site Scripting vulnerability in Simple Fields Project Simple Fields The simple-fields plugin before 1.4.11 for WordPress has XSS. | 6.1 |
2019-08-13 | CVE-2015-9300 | Cross-site Scripting vulnerability in Wp-Events-Plugin Events Manager The events-manager plugin before 5.5.7 for WordPress has multiple XSS issues. | 4.3 |
2019-08-13 | CVE-2015-9299 | Cross-site Scripting vulnerability in Wp-Events-Plugin Events Manager The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS. | 4.3 |
2019-08-13 | CVE-2015-9297 | Cross-site Scripting vulnerability in Wp-Events-Plugin Events Manager The events-manager plugin before 5.6 for WordPress has XSS. | 6.1 |
2019-08-13 | CVE-2015-9296 | Cross-site Scripting vulnerability in Never5 Download Monitor The download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg. | 4.3 |
2019-08-13 | CVE-2015-9295 | Cross-site Scripting vulnerability in Bestwebsoft Contact Form The contact-form-plugin plugin before 3.96 for WordPress has XSS. | 4.3 |
2019-08-13 | CVE-2015-9294 | Cross-site Scripting vulnerability in ONE WP Security & Firewall The all-in-one-wp-security-and-firewall plugin before 3.9.5 for WordPress has XSS in add_query_arg and remove_query_arg function instances. | 4.3 |
2019-08-13 | CVE-2015-9293 | Cross-site Scripting vulnerability in ONE WP Security & Firewall The all-in-one-wp-security-and-firewall plugin before 3.9.8 for WordPress has XSS in the unlock request feature. | 4.3 |
2019-08-13 | CVE-2013-7475 | Cross-site Scripting vulnerability in Bestwebsoft Contact Form The contact-form-plugin plugin before 3.52 for WordPress has XSS. | 4.3 |
2019-08-13 | CVE-2012-6713 | Cross-site Scripting vulnerability in Wp-Jobmanager JOB Manager The job-manager plugin before 0.7.19 for WordPress has multiple XSS issues. | 4.3 |