Vulnerabilities > Otwthemes

DATE CVE VULNERABILITY TITLE RISK
2024-02-12 CVE-2024-24930 Cross-site Scripting vulnerability in Otwthemes Buttons Shortcode and Widget
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OTWthemes.Com Buttons Shortcode and Widget allows Stored XSS.This issue affects Buttons Shortcode and Widget: from n/a through 1.16.
network
low complexity
otwthemes CWE-79
5.4
2023-10-12 CVE-2023-45102 Unspecified vulnerability in Otwthemes Blog Manager Light
Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Blog Manager Light plugin <= 1.20 versions.
network
low complexity
otwthemes
8.8