Vulnerabilities > Vektor INC

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-23	CVE-2023-28367	Cross-site Scripting vulnerability in Vektor-Inc VK ALL in ONE Expansion Unit Cross-site scripting vulnerability in CTA post function of VK All in One Expansion Unit 9.88.1.0 and earlier allows a remote authenticated attacker to inject an arbitrary script. network low complexity vektor-inc CWE-79	5.4
2023-03-20	CVE-2023-0937	Unspecified vulnerability in Vektor-Inc VK ALL in ONE Expansion Unit The VK All in One Expansion Unit WordPress plugin before 9.87.1.0 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers network low complexity vektor-inc	6.1
2023-02-27	CVE-2023-0230	Unspecified vulnerability in Vektor-Inc VK ALL in ONE Expansion Unit The VK All in One Expansion Unit WordPress plugin before 9.86.0.0 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. network low complexity vektor-inc	5.4

Vulnerabilities > Vektor INC {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Vektor INC"}]}