Vulnerabilities (CVE)

Filtered by vendor Wpfactory Subscribe

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-51399	1 Wpfactory	1 Back Button Widget	2024-01-05	N/A	5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Back Button Widget allows Stored XSS.This issue affects Back Button Widget: from n/a through 1.6.3.
CVE-2023-47547	1 Wpfactory	1 Products\, Order \& Customers Export For Woocommerce	2023-11-20	N/A	6.1 MEDIUM
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPFactory Products, Order & Customers Export for WooCommerce plugin <= 2.0.7 versions.
CVE-2023-36689	1 Wpfactory	1 Wpfactory Helper	2023-08-09	N/A	6.1 MEDIUM
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPFactory WPFactory Helper plugin <= 1.5.2 versions.
CVE-2019-17239	1 Wpfactory	1 Download Plugins And Themes From Dashboard	2019-10-11	4.3 MEDIUM	6.1 MEDIUM
includes/settings/class-alg-download-plugins-settings.php in the download-plugins-dashboard plugin through 1.5.0 for WordPress has multiple unauthenticated stored XSS issues.