Pavak-hash

5 exploits Active since Apr 2023
CVE-2023-27415 GITHUB MEDIUM NO CODE
Themeqx LetterPress <= 1.1.2 - Authenticated Stored Cross-Site Scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themeqx LetterPress plugin <= 1.1.2 versions.
CVSS 5.9
CVE-2023-27426 GITHUB MEDIUM NO CODE
NotifyVisitors < 1.0 - Authenticated Stored Cross-Site Scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Notifyvisitors NotifyVisitors plugin <= 1.0 versions.
CVSS 5.9
CVE-2023-27609 GITHUB MEDIUM NO CODE
WP Roles at Registration < 0.23 - Stored Cross-Site Scripting
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NetTantra WP Roles at Registration allows Stored XSS.This issue affects WP Roles at Registration: from n/a through 0.23.
CVSS 5.9
CVE-2023-27613 GITHUB HIGH NO CODE
MonitorClick Forms Ada - Form Builder <= 1.0 - Unauthenticated Reflected Cross-Site Scripting
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in MonitorClick Forms Ada – Form Builder plugin <= 1.0 versions.
CVSS 7.1
CVE-2023-27614 GITHUB MEDIUM NO CODE
Ian Haycox Motor Racing League <= 1.9.9 - Authenticated Cross-Site Scripting
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Ian Haycox Motor Racing League plugin <= 1.9.9 versions.
CVSS 5.9