The Preload Current Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'complete' parameter in the 'preload_progress_bar' shortcode in all versions up to, and including,
The Responsive Progress Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's rprogress shortcode in versions less than, or equal to, 1.0 due to insufficient input san
The CC-IMG-Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'img' shortcode in all versions up to, and including, 1.1.0 due to insufficient input sanitizati
The Preloader Plus – WordPress Loading Screen Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.2.1 due to insuffici
The Extra Post Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the extra-images shortcode in all versions up to, and including, 1.0 due to insufficie
The Slider comparison image before and after plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [sciba] shortcode in all versions up to, and including, 0.8.3 due to ins
The Live Photos on WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'video_src', 'img_src', and 'class' parameters in the livephotos_photo shortcode in all versions
The Xavin's Review Ratings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xrr' shortcode in all versions up to, and including, 1.4.0 due to insufficient input
The WP Photo Effects plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wppe_effect' shortcode in all versions up to, and including, 1.2.4 due to insufficient input sa
The WP Image Uploader plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'file' parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization a
The Stock Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'image_height' and 'image_width' shortcode attributes in all versions up to, and including, 1.1. This is due t
The Photographers galleries plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcode attributes (`w`, `h`, `raw_css`, `look`, etc.) in all versions up to, and including
The Pure CSS Circle Progress bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'circle_progress' shortcode in all versions up to, and including, 1.2 due to insuffi
The Post Category Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'postcategorygallery' shortcode in versions up to, and including, 1.0.0. This is due to ins
The PhotoFade plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'time' parameter in all versions up to, and including, 0.2.1 due to insufficient input sanitization and output e
The Folder Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'foldergallery' shortcode in all versions up to, and including, 1.7.4 due to insufficient input sa
The PriPre plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.4.11 due to insufficient input sanitization and output escapin
The Post Carousel & Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'post-cs' shortcode in all versions up to, and including, 1.0.3 due to insufficient input
The Any Post Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aps_slider shortcode in all versions up to, and including, 1.0.4 due to insufficient input saniti
The 1180px Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' shortcode attribute in all versions up to, and including, 1.1.1 due to insufficient input saniti
Page 1+ Next →