Vulnerabilities > Mediaburst
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-28 | CVE-2023-50843 | Unspecified vulnerability in Mediaburst Clockwork SMS Notfications Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Clockwork Clockwork SMS Notfications.This issue affects Clockwork SMS Notfications: from n/a through 3.0.4. | 7.2 |
| 2023-07-17 | CVE-2023-2701 | Unspecified vulnerability in Mediaburst Gravity Forms The Gravity Forms WordPress plugin before 2.7.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high-privileged users such as admin. | 6.1 |
| 2019-08-21 | CVE-2017-18555 | Cross-site Scripting vulnerability in Mediaburst Booking Calendar The booking-sms plugin before 1.1.0 for WordPress has XSS. | 6.1 |
| 2019-08-13 | CVE-2017-18495 | Cross-site Scripting vulnerability in Mediaburst Gravity Forms The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS. | 6.1 |
| 2019-08-13 | CVE-2017-18489 | Cross-site Scripting vulnerability in Mediaburst Contact Form 7 - Clockwork SMS The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS. | 6.1 |
| 2017-12-20 | CVE-2017-17780 | Cross-site Scripting vulnerability in Mediaburst products The Clockwork SMS clockwork-test-message.php component has XSS via a crafted "to" parameter in a clockwork-test-message request to wp-admin/admin.php. | 6.1 |