Total
45268 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-36378 | 1 Floating Div Project | 1 Floating Div | 2025-02-20 | 4.8 Medium |
| Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Floating Div plugin <= 3.0 at WordPress. | ||||
| CVE-2022-36343 | 1 Ideastocode | 1 Enable Svg\, Webp \& Ico Upload | 2025-02-20 | 3.4 Low |
| Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress. | ||||
| CVE-2021-36847 | 1 Webba-booking | 1 Webba Booking | 2025-02-20 | 4.8 Medium |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WebbaPlugins Webba Booking plugin <= 4.2.21 at WordPress. | ||||
| CVE-2021-36857 | 1 Wpshopmart | 1 Testimonial Builder | 2025-02-20 | 4.8 Medium |
| Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress. | ||||
| CVE-2022-34857 | 1 Smartypantsplugins | 1 Sp Project \& Document Manager | 2025-02-20 | 6.1 Medium |
| Reflected Cross-Site Scripting (XSS) vulnerability in smartypants SP Project & Document Manager plugin <= 4.59 at WordPress | ||||
| CVE-2022-34648 | 1 Uploading Svg\, Webp And Ico Files Project | 1 Uploading Svg\, Webp And Ico Files | 2025-02-20 | 4.8 Medium |
| Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in dmitrylitvinov Uploading SVG, WEBP and ICO files plugin <= 1.0.1 at WordPress. | ||||
| CVE-2022-29476 | 1 8degreethemes | 1 Notification Bar | 2025-02-20 | 6.1 Medium |
| Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in 8 Degree Themes otification Bar for WordPress plugin <= 1.1.8 at WordPress. | ||||
| CVE-2022-36282 | 1 Search Exclude Project | 1 Search Exclude | 2025-02-20 | 4.8 Medium |
| Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Roman Pronskiy's Search Exclude plugin <= 1.2.6 at WordPress. | ||||
| CVE-2022-36341 | 1 As - Create Pinterest Pinboard Pages Project | 1 As - Create Pinterest Pinboard Pages | 2025-02-20 | 5.4 Medium |
| Authenticated (subscriber+) plugin settings change leading to Stored Cross-Site Scripting (XSS) vulnerability in Akash soni's AS – Create Pinterest Pinboard Pages plugin <= 1.0 at WordPress. | ||||
| CVE-2022-36347 | 1 Thealpinepress | 1 Alpine Phototile For Pinterest | 2025-02-20 | 4.8 Medium |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alpine Press Alpine PhotoTile for Pinterest plugin <= 1.3.1 at WordPress. | ||||
| CVE-2022-36405 | 1 Amcharts | 1 Amcharts\ | 2025-02-20 | 5.4 Medium |
| Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in amCharts: Charts and Maps plugin <= 1.4 at WordPress. | ||||
| CVE-2022-36796 | 1 Callrail | 1 Callrail Phone Call Tracking | 2025-02-20 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in CallRail, Inc. CallRail Phone Call Tracking plugin <= 0.4.9 at WordPress. | ||||
| CVE-2021-36829 | 1 Mythemeshop | 1 Launcher | 2025-02-20 | 4.8 Medium |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MyThemeShop Launcher: Coming Soon & Maintenance Mode plugin <= 1.0.11 at WordPress. | ||||
| CVE-2022-34656 | 1 Wpdevart | 1 Poll\, Survey\, Questionnaire And Voting System | 2025-02-20 | 4.8 Medium |
| Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 at WordPress. | ||||
| CVE-2022-38068 | 1 Apasionados | 1 Export Post Info | 2025-02-20 | 4.8 Medium |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apasionados Export Post Info plugin <= 1.1.0 at WordPress. | ||||
| CVE-2022-35725 | 1 Wp-forecast Project | 1 Wp-forecast | 2025-02-20 | 4.8 Medium |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Hans Matzen's wp-forecast plugin <= 7.5 at WordPress. | ||||
| CVE-2022-40191 | 1 Contact Form By Mega Forms Project | 1 Contact Form By Mega Forms | 2025-02-20 | 5.4 Medium |
| Authenticated (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Ali Khallad's Contact Form By Mega Forms plugin <= 1.2.4 at WordPress. | ||||
| CVE-2022-37403 | 1 Add User Role Project | 1 Add User Role | 2025-02-20 | 4.8 Medium |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nikhil Vaghela's Add User Role plugin <= 0.0.1 at WordPress. | ||||
| CVE-2022-37404 | 1 Add2fav Project | 1 Add2fav | 2025-02-20 | 4.8 Medium |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Christian Salazar's add2fav plugin <= 1.0 at WordPress. | ||||
| CVE-2022-37412 | 1 Better Delete Revision Project | 1 Better Delete Revision | 2025-02-20 | 4.8 Medium |
| Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Galerio & Urda's Better Delete Revision plugin <= 1.6.1 at WordPress. | ||||