Vulnerabilities > I13Websolution

DATE CVE VULNERABILITY TITLE RISK
2024-01-08 CVE-2023-6555 Cross-site Scripting vulnerability in I13Websolution Email Subscription Popup
The Email Subscription Popup WordPress plugin before 1.2.20 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
network
low complexity
i13websolution CWE-79
6.1
2023-12-06 CVE-2023-6527 Cross-site Scripting vulnerability in I13Websolution Email Subscription Popup
The Email Subscription Popup plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the HTTP_REFERER header in all versions up to, and including, 1.2.18 due to insufficient input sanitization and output escaping.
network
low complexity
i13websolution CWE-79
6.1
2023-11-08 CVE-2023-47226 Cross-site Scripting vulnerability in I13Websolution Post Sliders & Post Grids
Auth.
network
low complexity
i13websolution CWE-79
4.8
2023-11-03 CVE-2023-5945 Cross-Site Request Forgery (CSRF) vulnerability in I13Websolution Video Carousel Slider With Lightbox 1.0
The video carousel slider with lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0.
network
low complexity
i13websolution CWE-352
5.4
2023-10-27 CVE-2023-5820 Cross-Site Request Forgery (CSRF) vulnerability in I13Websolution Thumbnail Slider With Lightbox 1.0
The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0.
network
low complexity
i13websolution CWE-352
8.8
2023-10-27 CVE-2023-5821 Unspecified vulnerability in I13Websolution Thumbnail Carousel Slider 1.0
The Thumbnail carousel slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0.
network
low complexity
i13websolution
6.5
2023-10-25 CVE-2023-45754 Cross-site Scripting vulnerability in I13Websolution Easy Testimonial Slider and Form
Auth.
network
low complexity
i13websolution CWE-79
4.8
2023-10-18 CVE-2023-5621 Cross-site Scripting vulnerability in I13Websolution Thumbnail Slider With Lightbox 1.0
The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Title field in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping.
network
low complexity
i13websolution CWE-79
4.8
2023-10-12 CVE-2023-5531 Cross-Site Request Forgery (CSRF) vulnerability in I13Websolution Thumbnail Slider With Lightbox 1.0
The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.
network
low complexity
i13websolution CWE-352
4.3
2023-10-02 CVE-2023-41731 Cross-site Scripting vulnerability in I13Websolution Wordpress Publish Post Email Notification
Auth.
network
low complexity
i13websolution CWE-79
4.8