Filtered by vendor Webdesignby
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4512 | 2 Webdesignby, Wordpress | 2 Recaptcha By Webdesignby, Wordpress | 2026-04-28 | 3.5 Low |
| The reCaptcha by WebDesignBy WordPress plugin before 2.0 does not sanitize or escape the Site Key setting before outputting it in a JavaScript string context via the grecaptcha_js() function. This allows administrators on multisite installations (who do not have the unfiltered_html capability) to inject arbitrary JavaScript that executes for all visitors to the WordPress login page. | ||||
| CVE-2024-13327 | 1 Webdesignby | 1 Musicbox | 2025-05-07 | 6.1 Medium |
| The Musicbox WordPress plugin through 2.0.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin | ||||
Page 1 of 1.