The Link Library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Link Additional Parameters in all versions up to, and including, 7.7.3 due to insufficient input sanitization
The Link Fixer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via broken links in all versions up to, and including, 3.4 due to insufficient input sanitization and output escaping.
Multiple plugins and/or themes for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled lightGallery library (<= 2.8.3) in various versions due to insufficient input saniti
Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This
Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Featherlight.js JavaScript library (versions 1.7.13 to 1.7.14) in various versions due to insuffic
The Valuation Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ parameter in all versions up to, and including, 1.3.2 due to insufficient input sanitization a
The Short Link plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'short_link_post_title' and 'short_link_page_title' parameters in all versions up to, and including, 1.0 due to
The Link Library plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'searchll' parameter in all versions up to, and including, 7.7.2 due to insufficient input sanitization an
The ShortcodeHub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘author_link_target’ parameter in all versions up to, and including, 1.7.1 due to insufficient input sanitiza
The Internal Link Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and outp
The WP Content Security Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the blocked-uri and effective-directive parameters in all versions up to, and including, 2.3 due t
The The Permalinker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'permalink' shortcode in all versions up to, and including, 1.8.1 due to insufficient input sanit
The Bilingual Linker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the bl_otherlang_link_1 parameter in all versions up to, and including, 2.4 due to insufficient input sanitiz
Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled ThickBox JavaScript library (version 3.1) in various versions due to insufficient input sanitizati
The Library Bookshelves plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and includin
The SEO Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via post meta in versions up to, and including, 1.9 due to insufficient input sanitization and output escaping on user
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in version less than, or equal to, 2025.6 due to insufficient input sanitization an
The Etsy Importer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'product_link' shortcode in all versions up to, and including, 1.4.2 due to insufficient input sani
The Recently Purchased Products For Woo plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘view’ parameter in all versions up to, and including, 1.1.3 due to insufficient input
The Service Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it po
Page 1+ Next →