The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' header in versions up to, and including, 1.4.14 due to insuffic
The AI BotKit – AI Chatbot & Live Support for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter in the `ai_botkit_widget` shortcode in all versions up
The Smartsupp – live chat, AI shopping assistant and chatbots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'code' parameter in all versions up to, and including, 3.9.1 due
The AI Engine plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the mwai_chatbot shortcode 'id' parameter in all versions up to, and including, 2.8.4 due to insufficient input sani
The AI Feeds plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'aife_post_meta' shortcode in all versions up to, and including, 1.0.22 due to insufficient input sanitization an
The AI ChatBot for WordPress – WPBot plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 5.5.7 due to insufficient input sanitiza
The AI Content Writer, RSS Feed to Post, Autoblogging SEO Help plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 6.1.3
The AI Content Pipelines plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.6 due to insufficient input sanitization and out
The Advanced Woo Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's aws_search_terms shortcode in all versions up to, and including, 3.28 due to insufficient inp
The Fluent Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AI Form Builder module in all versions up to, and including, 6.1.14 due to a combination of missing authoriza
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions up to, and including, 2025.2 due to insufficient inpu
The Wise Chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the X-Forwarded-For header in all versions up to, and including, 3.3.4 due to insufficient input sanitization and ou
The Chatbot for WordPress by Collect.chat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_inpost_head_script[synth_header_script]' post meta field in all versions up to, an
The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.17 due to insufficient escaping on user supplied parameters and l
The Telegram Bot & Channel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Telegram username in all versions up to, and including, 4.1 due to insufficient input sanitization
The Affiliate AI Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'asin' shortcode attribute in the affiai_img shortcode in all versions up to, and including, 1.0.1. This
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'advanced_iframe' shortcode in all versions up to, and including, 2025.5 due to insufficient inpu
The Advanced iFrame plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'additional' parameter in version less than, or equal to, 2025.6 due to insufficient input sanitization an
The AI ChatBot for WordPress WordPress plugin before 7.1.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripti
The Smart Forms – when you need more than just a contact form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.6.98 due to i
Page 1+ Next →