Vulnerabilities > Wpwax

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-22	CVE-2022-34650	Cross-site Scripting vulnerability in Wpwax Team Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. network low complexity wpwax CWE-79	5.4
2022-07-22	CVE-2022-34853	Cross-site Scripting vulnerability in Wpwax Team Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. network low complexity wpwax CWE-79	5.4
2022-06-20	CVE-2022-1266	Cross-site Scripting vulnerability in Wpwax Post Grid, Slider & Carousel Ultimate The Post Grid, Slider & Carousel Ultimate WordPress plugin before 1.5.0 does not sanitise and escape the Header Title, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. network low complexity wpwax CWE-79	4.8
2021-12-21	CVE-2021-24981	Unrestricted Upload of File with Dangerous Type vulnerability in Wpwax Directorist The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to Remote File Upload leading to arbitrary PHP shell uploads in the wp-content/plugins directory. network high complexity wpwax CWE-434	7.5

Vulnerabilities > Wpwax {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Wpwax"}]}