Vulnerabilities > Ithemes > Manual Purchases

DATE CVE VULNERABILITY TITLE RISK
2019-08-28 CVE-2015-9371 Cross-site Scripting vulnerability in Ithemes Manual Purchases
Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
network
ithemes CWE-79
4.3
4.3