Vulnerabilities > TE ST

DATE CVE VULNERABILITY TITLE RISK
2023-09-19 CVE-2023-2995 Unspecified vulnerability in Te-St Leyka
The Leyka WordPress plugin before 3.30.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
network
low complexity
te-st
4.8
2023-09-13 CVE-2023-4917 Unspecified vulnerability in Te-St Leyka
The Leyka plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.30.3 via the 'leyka_ajax_get_env_and_options' function.
network
low complexity
te-st
6.5
2023-08-30 CVE-2023-33325 Cross-site Scripting vulnerability in Te-St Leyka
Unauth.
network
low complexity
te-st CWE-79
6.1
2023-08-10 CVE-2023-39314 Cross-site Scripting vulnerability in Te-St Leyka
Unauth.
network
low complexity
te-st CWE-79
6.1
2023-06-21 CVE-2023-27450 Cross-site Scripting vulnerability in Te-St Leyka
Unauth.
network
low complexity
te-st CWE-79
6.1
2023-05-08 CVE-2023-25052 Cross-site Scripting vulnerability in Te-St Yandex.News Feed BY Teplitsa
Auth.
network
low complexity
te-st CWE-79
4.8