Vulnerabilities > Pluginus > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-02-01 CVE-2023-51506 Cross-site Scripting vulnerability in Pluginus Wordpress Currency Switcher
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WPCS – WordPress Currency Switcher Professional allows Stored XSS.This issue affects WPCS – WordPress Currency Switcher Professional: from n/a through 1.2.0.
network
low complexity
pluginus CWE-79
5.4
5.4
2024-01-31 CVE-2024-22159 Cross-site Scripting vulnerability in Pluginus Wolf - Wordpress Posts Bulk Editor and products Manager Professional
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS.This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.
network
low complexity
pluginus CWE-79
6.1
6.1
2024-01-11 CVE-2023-6556 Cross-site Scripting vulnerability in Pluginus FOX - Currency Switcher Professional for Woocommerce
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via currency options in all versions up to, and including, 1.4.1.5 due to insufficient input sanitization and output escaping.
network
low complexity
pluginus CWE-79
5.4
5.4
2023-10-20 CVE-2023-4923 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3
2023-10-20 CVE-2023-4924 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3
2023-10-20 CVE-2023-4926 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3
2023-10-20 CVE-2023-4941 Missing Authorization vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-862
4.3
4.3
2023-10-20 CVE-2023-4935 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3
2023-10-20 CVE-2023-4937 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3
2023-10-20 CVE-2023-4940 Cross-Site Request Forgery (CSRF) vulnerability in Pluginus Bear - Woocommerce Bulk Editor and products Manager Professional
The BEAR for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.3.3.
network
low complexity
pluginus CWE-352
4.3
4.3