yaudahbanh

14 exploits Active since Jun 2022
CVE-2022-29455 NOMISEC MEDIUM SCANNER
Elementor Website Builder < 3.5.5 - XSS
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
2 stars
CVSS 4.7
CVE-2022-29455 NOMISEC MEDIUM SCANNER
Elementor Website Builder < 3.5.5 - XSS
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
2 stars
CVSS 4.7
CVE-2023-24398 GITHUB MEDIUM WRITEUP
Snap Creek Software EZP <1.0.7.3 - XSS
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap Creek Software EZP Coming Soon Page plugin <= 1.0.7.3 versions.
CVSS 5.9
CVE-2023-24402 GITHUB MEDIUM WRITEUP
Veribo - XSS
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin <= 2.0.18 versions.
CVSS 5.9
CVE-2023-25049 GITHUB MEDIUM WRITEUP
Implecode Ecommerce Product Catalog < 3.3.4 - XSS
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.4 versions.
CVSS 5.9
CVE-2023-25461 GITHUB MEDIUM WRITEUP
Smartlogix Wp-insert < 2.5.1 - XSS
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in namithjawahar Wp-Insert plugin <= 2.5.0 versions.
CVSS 5.9
CVE-2023-25706 GITHUB MEDIUM WRITEUP
Pagup Better Robots.txt < 1.4.5 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in Pagup WordPress Robots.Txt optimization plugin <= 1.4.5 versions.
CVSS 5.4
CVE-2023-25707 GITHUB MEDIUM WRITEUP
Vikwp Vikbooking Hotel Booking Engine & Pms < 1.6.0 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.12 versions.
CVSS 6.3
CVE-2023-25708 GITHUB MEDIUM WRITEUP
Rextheme WP VR < 8.2.8 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin <= 8.2.7 versions.
CVSS 4.3
CVE-2023-25793 GITHUB MEDIUM WRITEUP
Link Juice Keeper < 2.0.3 - XSS
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in George Pattihis Link Juice Keeper plugin <= 2.0.2 versions.
CVSS 5.9
CVE-2023-25976 GITHUB MEDIUM WRITEUP
Crmperks Integration For Contact Form 7 And Zoho Crm, Bigin - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.2.2 versions.
CVSS 4.3
CVE-2023-25985 GITHUB MEDIUM WRITEUP
Wordpress Tooltips < 8.2.5 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips.This issue affects WordPress Tooltips: from n/a through 8.2.5.
CVSS 4.3
CVE-2023-27453 GITHUB MEDIUM WRITEUP
Lws Tools < 2.3.1 - CSRF
Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugin <= 2.3.1 versions.
CVSS 5.4
CVE-2022-29455 NOMISEC MEDIUM SCANNER
Elementor Website Builder < 3.5.5 - XSS
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
CVSS 4.7