Vulnerabilities > Wpeka

DATE CVE VULNERABILITY TITLE RISK
2024-11-15 CVE-2024-10113 Cross-site Scripting vulnerability in Wpeka WP Adcenter
The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpadcenter_ad shortcode in all versions up to, and including, 2.5.7 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
wpeka CWE-79
5.4
2024-09-06 CVE-2024-8317 Cross-site Scripting vulnerability in Wpeka WP Adcenter
The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ad_alignment’ attribute in all versions up to, and including, 2.5.6 due to insufficient input sanitization and output escaping.
network
low complexity
wpeka CWE-79
5.4
2023-11-07 CVE-2023-23678 Unspecified vulnerability in Wpeka WP Cookie Consent
Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent ( for GDPR, CCPA & ePrivacy ).This issue affects WP Cookie Consent ( for GDPR, CCPA & ePrivacy ): from n/a through 2.2.5.
network
low complexity
wpeka
7.2
2023-10-20 CVE-2023-4968 Cross-site Scripting vulnerability in Wpeka Wplegalpages
The WPLegalPages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'wplegalpage' shortcode in versions up to, and including, 2.9.2 due to insufficient input sanitization and output escaping on user supplied attributes.
network
low complexity
wpeka CWE-79
4.8
2022-02-07 CVE-2021-25106 Cross-site Scripting vulnerability in Wpeka Wplegalpages
The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WPLegalPages WordPress plugin before 2.7.1 does not check for authorisation and has a flawed CSRF logic when saving its settings, allowing any authenticated users, such as subscriber, to update them.
network
low complexity
wpeka CWE-79
5.4