Vulnerabilities > Mediaburst
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-28 | CVE-2023-50843 | SQL Injection vulnerability in Mediaburst Clockwork SMS Notfications Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Clockwork Clockwork SMS Notfications.This issue affects Clockwork SMS Notfications: from n/a through 3.0.4. | 7.2 |
| 2023-07-17 | CVE-2023-2701 | Unspecified vulnerability in Mediaburst Gravity Forms The Gravity Forms WordPress plugin before 2.7.5 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting which could be used against high-privileged users such as admin. | 6.1 |
| 2019-08-21 | CVE-2017-18555 | Cross-site Scripting vulnerability in Mediaburst Booking Calendar The booking-sms plugin before 1.1.0 for WordPress has XSS. | 4.3 |
| 2019-08-13 | CVE-2017-18495 | Cross-site Scripting vulnerability in Mediaburst Gravity Forms The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS. | 4.3 |
| 2019-08-13 | CVE-2017-18489 | Cross-site Scripting vulnerability in Mediaburst Contact Form 7 - Clockwork SMS The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS. | 4.3 |
| 2017-12-20 | CVE-2017-17780 | Cross-site Scripting vulnerability in Mediaburst products The Clockwork SMS clockwork-test-message.php component has XSS via a crafted "to" parameter in a clockwork-test-message request to wp-admin/admin.php. | 4.3 |