yaudahbanh

14 exploits Active since Jun 2022
CVE-2022-29455 NOMISEC MEDIUM SCANNER
Elementor Website Builder <= 3.5.5 - Unauthenticated DOM-based Reflected Cross-Site Scripting
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
2 stars
CVSS 4.7
CVE-2022-29455 NOMISEC MEDIUM SCANNER
Elementor Website Builder <= 3.5.5 - Unauthenticated DOM-based Reflected Cross-Site Scripting
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
2 stars
CVSS 4.7
CVE-2023-24398 GITHUB MEDIUM WRITEUP
Snap Creek Software EZP <1.0.7.3 - XSS
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Snap Creek Software EZP Coming Soon Page plugin <= 1.0.7.3 versions.
CVSS 5.9
CVE-2023-24402 GITHUB MEDIUM WRITEUP
WP Booking System - Booking Calendar <= 2.0.18 - Authenticated Stored Cross-Site Scripting
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin <= 2.0.18 versions.
CVSS 5.9
CVE-2023-25049 GITHUB MEDIUM WRITEUP
impleCode eCommerce Product Catalog Plugin for WordPress <= 3.3.4 - Authenticated Stored Cross-Site Scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in impleCode eCommerce Product Catalog Plugin for WordPress plugin <= 3.3.4 versions.
CVSS 5.9
CVE-2023-25461 GITHUB MEDIUM WRITEUP
Wp-Insert <= 2.5.0 - Authenticated Stored Cross-Site Scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in namithjawahar Wp-Insert plugin <= 2.5.0 versions.
CVSS 5.9
CVE-2023-25706 GITHUB MEDIUM WRITEUP
Pagup WordPress Robots.Txt optimization <= 1.4.5 - Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) vulnerability in Pagup WordPress Robots.Txt optimization plugin <= 1.4.5 versions.
CVSS 5.4
CVE-2023-25707 GITHUB MEDIUM WRITEUP
VikBooking Hotel Booking Engine & PMS <= 1.5.12 - Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) vulnerability in E4J s.R.L. VikBooking Hotel Booking Engine & PMS plugin <= 1.5.12 versions.
CVSS 6.3
CVE-2023-25708 GITHUB MEDIUM WRITEUP
Rextheme WP VR - 360 Panorama and Virtual Tour Builder For WordPress <= 8.2.7 - Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) vulnerability in Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin <= 8.2.7 versions.
CVSS 4.3
CVE-2023-25793 GITHUB MEDIUM WRITEUP
Link Juice Keeper <= 2.0.2 - Authenticated Stored Cross-Site Scripting
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in George Pattihis Link Juice Keeper plugin <= 2.0.2 versions.
CVSS 5.9
CVE-2023-25976 GITHUB MEDIUM WRITEUP
CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin <= 1.2.2 - Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin plugin <= 1.2.2 versions.
CVSS 4.3
CVE-2023-25985 GITHUB MEDIUM WRITEUP
WordPress Tooltips < 8.2.5 - Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) vulnerability in Tomas | Docs | FAQ | Premium Support WordPress Tooltips.This issue affects WordPress Tooltips: from n/a through 8.2.5.
CVSS 4.3
CVE-2023-27453 GITHUB MEDIUM WRITEUP
LWS Tools <= 2.3.1 - Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) vulnerability in LWS LWS Tools plugin <= 2.3.1 versions.
CVSS 5.4
CVE-2022-29455 NOMISEC MEDIUM SCANNER
Elementor Website Builder <= 3.5.5 - Unauthenticated DOM-based Reflected Cross-Site Scripting
DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
CVSS 4.7