Security Vulnerabilities by audit@patchstack.com

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.26 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ARI Soft ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ExpressTech Quiz And Survey Master plugin <= 8.1.13 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Schmit Theater for WordPress plugin <= 0.18.3 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in assorted[chips] DrawIt (draw.Io) plugin <= 1.1.3 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codez Quick Call Button plugin <= 1.2.9 versions.

Cross-Site Request Forgery (CSRF) vulnerability in TienCOP WP EXtra plugin <= 6.4 versions.

Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages – Privacy Policy, Terms & Conditions, GDPR, CCPA, and Cookie Notice Generator plugin <= 1.3.8 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jannis Thuemmig Email Encoder plugin <= 2.1.8 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Dang Ngoc Binh Easy Call Now by ThikShare plugin <= 1.1.0 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mmrs151 Daily Prayer Time plugin <= 2023.10.13 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Charitable Donations & Fundraising Team Donation Forms by Charitable plugin <= 1.7.0.13 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Venutius BP Profile Shortcodes Extra plugin <= 2.5.2 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Waterloo Plugins BMI Calculator Plugin plugin <= 1.0.3 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in grandslambert Better RSS Widget plugin <= 2.8.1 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bamboo Mcr Bamboo Columns plugin <= 1.6.1 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Suresh KUMAR Mukhiya Anywhere Flash Embed plugin <= 1.0.5 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asdqwe Dev Ajax Domain Checker plugin <= 1.3.0 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Accordion plugin <= 2.6 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Christina Uechi Add Widgets to Page plugin <= 1.3.2 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Infinite Uploads Big File Uploads – Increase Maximum File Upload Size plugin <= 2.1.1 versions.

Cross-Site Request Forgery (CSRF) vulnerability in Leadster plugin <= 1.1.2 versions.

Cross-Site Request Forgery (CSRF) leading to Cross-Site Scripting (XSS) vulnerability in Poporon Pz-LinkCard plugin <= 2.4.8 versions.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LayerSlider plugin <= 7.7.9 versions.

Cross-Site Request Forgery (CSRF) vulnerability in LayerSlider plugin <= 7.7.9 versions.