Vulnerabilities > Maxfoundry
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-11 | CVE-2022-2050 | Cross-site Scripting vulnerability in Maxfoundry Wp-Paginate The WP-Paginate WordPress plugin before 2.1.9 does not escape one of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when unfiltered_html is disallowed | 4.8 |
| 2022-03-18 | CVE-2022-25603 | Cross-site Scripting vulnerability in Maxfoundry Maxgalleria 6.2.5 Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in MaxGalleria WordPress plugin (versions 6.2.5). | 4.8 |
| 2022-02-28 | CVE-2021-4222 | Cross-site Scripting vulnerability in Maxfoundry Wp-Paginate The WP-Paginate WordPress plugin before 2.1.4 does not sanitise and escape its preset settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | 4.8 |