Vulnerabilities > Wonderplugin
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-08 | CVE-2024-24877 | Unspecified vulnerability in Wonderplugin Wonder Slider Lite Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magic Hills Pty Ltd Wonder Slider Lite allows Reflected XSS.This issue affects Wonder Slider Lite: from n/a through 13.9. | 6.1 |
2021-08-16 | CVE-2021-24540 | Unspecified vulnerability in Wonderplugin Wonder Video Embed The Wonder Video Embed WordPress plugin before 1.8 does not escape parameters of its wonderplugin_video shortcode, which could allow users with a role as low as Contributor to perform Stored XSS attacks. | 5.4 |
2021-08-16 | CVE-2021-24541 | Cross-site Scripting vulnerability in Wonderplugin Wonder PDF Embed The Wonder PDF Embed WordPress plugin before 1.7 does not escape parameters of its wonderplugin_pdf shortcode, which could allow users with a role as low as Contributor to perform Stored XSS attacks. | 5.4 |