Wpdevart CVE - OpenCVE

Filtered by vendor Wpdevart Subscriptions

Total 32 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2023-47533	1 Wpdevart	1 Countdown And Countup\, Woocommerce Sales Timer	2024-08-02	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Countdown and CountUp, WooCommerce Sales Timer plugin <= 1.8.2 versions.
CVE-2023-45629	1 Wpdevart	1 Gallery - Image And Video Gallery With Thumbnails	2024-08-02	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 versions.
CVE-2023-24388	1 Wpdevart	1 Booking Calendar	2024-08-02	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Booking calendar, Appointment Booking System plugin <= 3.2.3 versions affects plugin forms actions (create, duplicate, edit, delete).
CVE-2023-24384	1 Wpdevart	1 Organization Chart	2024-08-02	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WpDevArt Organization chart <= 1.4.4 versions.
CVE-2023-24387	1 Wpdevart	1 Organization Chart	2024-08-02	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart Organization chart plugin <= 1.4.4 versions.
CVE-2023-24004	1 Wpdevart	1 Download Image And Video Lightbox\, Image Popup	2024-08-02	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart Image and Video Lightbox, Image PopUp plugin <= 2.1.5 versions.
CVE-2023-24002	1 Wpdevart	1 Youtube Embed\, Playlist And Popup	2024-08-02	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart YouTube Embed, Playlist and Popup by WpDevArt plugin <= 2.6.3 versions.
CVE-2023-23983	1 Wpdevart	1 Responsive Vertical Icon Menu	2024-08-02	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 can lead to theme deletion.
CVE-2023-23972	1 Wpdevart	1 Social Like Box And Page	2024-08-02	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smplug-in Social Like Box and Page by WpDevArt plugin <= 0.8.39 versions.
CVE-2023-23870	1 Wpdevart	1 Responsive Vertical Icon Menu	2024-08-02	5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 versions.
CVE-2023-0900	1 Wpdevart	1 Pricing Table Builder	2024-08-02	7.2 High
The Pricing Table Builder WordPress plugin through 1.1.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admins.
CVE-2023-0177	1 Wpdevart	1 Social Like Box And Page	2024-08-02	5.4 Medium
The Social Like Box and Page by WpDevArt WordPress plugin before 0.8.41 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

« first previous Page 2 of 2.