Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-28 | CVE-2015-9363 | Cross-site Scripting vulnerability in Ithemes Exchange iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9362 | Cross-site Scripting vulnerability in Never5 Post Connector The Post Connector plugin before 1.0.4 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9361 | Cross-site Scripting vulnerability in Never5 Related Posts The Related Posts plugin before 1.8.2 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9360 | Cross-site Scripting vulnerability in Updraftplus The updraftplus plugin before 1.9.64 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9358 | Cross-site Scripting vulnerability in Feedwordpress Project Feedwordpress 2014.0805 The feedwordpress plugin before 2015.0514 for WordPress has XSS via add_query_arg() and remove_query_arg(). | 4.3 |
| 2019-08-28 | CVE-2015-9357 | Cross-site Scripting vulnerability in Automattic Akismet The akismet plugin before 3.1.5 for WordPress has XSS. | 4.3 |
| 2019-08-28 | CVE-2015-9356 | Cross-site Scripting vulnerability in Wp-Vipergb Project Wp-Vipergb The wp-vipergb plugin before 1.3.16 for WordPress has XSS via add_query_arg() and remove_query_arg(), a different issue than CVE-2014-9460. | 4.3 |
| 2019-08-28 | CVE-2015-9355 | Cross-site Scripting vulnerability in Simbahosting Two-Factor-Authentication The two-factor-authentication plugin before 1.1.10 for WordPress has XSS in the admin area. | 4.3 |
| 2019-08-28 | CVE-2015-9354 | Cross-site Scripting vulnerability in Tri.Be Gigpress The gigpress plugin before 2.3.11 for WordPress has XSS. | 3.5 |
| 2019-08-28 | CVE-2012-6718 | Cross-site Scripting vulnerability in Sharebar Project Sharebar The sharebar plugin before 1.2.2 for WordPress has XSS, a different issue than CVE-2013-3491. | 4.3 |