Filtered by vendor Wpmudev
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-10098 | 1 Wpmudev | 1 Broken Link Checker | 2023-12-20 | N/A | 6.1 MEDIUM |
| A vulnerability was found in Broken Link Checker Plugin up to 1.10.5 on WordPress. It has been rated as problematic. Affected by this issue is the function print_module_list/show_warnings_section_notice/status_text/ui_get_action_links. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.10.6 is able to address this issue. The name of the patch is f30638869e281461b87548e40b517738b4350e47. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-225152. | |||||
| CVE-2022-1009 | 1 Wpmudev | 1 Smush Image Compression And Optimization | 2022-06-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Smush WordPress plugin before 3.9.9 does not sanitise and escape a configuration parameter before outputting it back in an admin page when uploading a malicious preset configuration, leading to a Reflected Cross-Site Scripting. For the attack to be successful, an attacker would need an admin to upload a malicious configuration file | |||||
| CVE-2019-9568 | 1 Wpmudev | 1 Forminator Contact Form\, Poll \& Quiz Builder | 2019-03-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1.6 for WordPress has SQL Injection via the wp-admin/admin.php?page=forminator-entries entry[] parameter if the attacker has the delete permission. | |||||
| CVE-2019-9567 | 1 Wpmudev | 1 Forminator Contact Form\, Poll \& Quiz Builder | 2019-03-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| The "Forminator Contact Form, Poll & Quiz Builder" plugin before 1.6 for WordPress has XSS via a custom input field of a poll. | |||||