Filtered by vendor Blackandwhitedigital
Subscriptions
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-13362 | 100 100plugins, 5starplugins, Afthemes and 97 more | 130 Open User Map, Dynamic Copyright Year, Easy Age Verify and 127 more | 2026-05-04 | 6.1 Medium |
| Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | ||||
| CVE-2025-25168 | 1 Blackandwhitedigital | 1 Bookpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Black and White BookPress – For Book Authors book-press allows Cross-Site Scripting (XSS).This issue affects BookPress – For Book Authors: from n/a through <= 1.2.7. | ||||
| CVE-2025-25167 | 1 Blackandwhitedigital | 1 Bookpress | 2026-04-23 | 8.2 High |
| Missing Authorization vulnerability in Black and White BookPress – For Book Authors book-press allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BookPress – For Book Authors: from n/a through <= 1.2.7. | ||||
| CVE-2023-23863 | 1 Blackandwhitedigital | 1 Treepress | 2024-11-21 | 5.9 Medium |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Black and White Digital Ltd TreePress – Easy Family Trees & Ancestor Profiles plugin <= 2.0.22 versions. | ||||
Page 1 of 1.