Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
20 results
The Memberlite Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's memberlite_accordion shortcode in all versions up to, and including, 1.3.9 due to insuffici
The Simple SEO Slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, and including, 1.2.8 due to insufficient input sanitization a
The CryptX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `cryptx` shortcode in all versions up to, and including, 4.0.5 due to insufficient input sanitization and
The WPC Smart Quick View for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's woosq_btn shortcode in all versions up to, and including, 4.2.1 due to insuf
The Wueen plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `wueen-blocket` shortcode in all versions up to, and including, 0.2.0 due to insufficient input sanitizatio
The A Simple Multilanguage Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'asmp-switcher' shortcode in all versions up to, and including, 1.0 due to insuffic
Multiple plugins for WordPress are vulnerable to Reflected Cross-Site Scripting via the cminds_free_guide shortcode in various versions due to insufficient input sanitization and output escaping. This
The Memberlite Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugins's 'row' shortcode in all versions up to, and including, 1.4 due to insufficient input saniti
The WP Event Aggregator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_events' shortcode in all versions up to, and including, 1.8.7 due to insufficient input s
The CSSIgniter Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'element' shortcode attribute in all versions up to, and including, 2.4.1 due to insufficient input
The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lyte' shortcode in all versions up to, and including, 1.7.29 due to insufficient input sanitizat
The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 12.0.5 due to insufficient input sanitization an
The Shortcodely plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'widget_area' parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and
The Email JavaScript Cloak plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'email' shortcode in all versions up to, and including, 1.03 due to insufficient input san
The WP Social Ninja – Embed Social Feeds, Customer Reviews, Chat Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.20.3 due to insuffici
The EthereumICO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ethereum-ico shortcode in all versions up to, and including, 2.4.6 due to insufficient input sanitiza
The Evenium plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'evenium_single_event' shortcode in all versions up to, and including, 1.3.11 due to insufficient input s
The dbview plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'dbview' shortcode in all versions up to, and including, 0.5.5 due to insufficient input sanitization and
The WP-BibTeX plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'WpBibTeX' shortcode in all versions up to, and including, 3.0.1 due to insufficient input sanitization
The Markdown Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'markdown' shortcode in all versions up to, and including, 0.2.1 due to insufficient input san
← Previous Page 5