Filtered by vendor Pickplugins
Subscriptions
Filtered by product Team Showcase
Subscriptions
Total
5 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-35939 | 1 Pickplugins | 2 Post Grid, Team Showcase | 2024-11-21 | 7.5 High |
PHP Object injection vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be set to team_import_xml_layouts. | ||||
CVE-2020-35938 | 1 Pickplugins | 2 Post Grid, Team Showcase | 2024-11-21 | 7.5 High |
PHP Object injection vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to inject arbitrary PHP objects due to insecure unserialization of data supplied in a remotely hosted crafted payload in the source parameter via AJAX. The action must be set to post_grid_import_xml_layouts. | ||||
CVE-2020-35937 | 1 Pickplugins | 2 Post Grid, Team Showcase | 2024-11-21 | 7.5 High |
Stored Cross-Site Scripting (XSS) vulnerabilities in the Team Showcase plugin before 1.22.16 for WordPress allow remote authenticated attackers to import layouts including JavaScript supplied via a remotely hosted crafted payload in the source parameter via AJAX. The action must be set to team_import_xml_layouts. | ||||
CVE-2020-35936 | 1 Pickplugins | 2 Post Grid, Team Showcase | 2024-11-21 | 7.5 High |
Stored Cross-Site Scripting (XSS) vulnerabilities in the Post Grid plugin before 2.0.73 for WordPress allow remote authenticated attackers to import layouts including JavaScript supplied via a remotely hosted crafted payload in the source parameter via AJAX. The action must be set to post_grid_import_xml_layouts. | ||||
CVE-2024-44002 | 1 Pickplugins | 1 Team Showcase | 2024-09-25 | 7.1 High |
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Reflected XSS.This issue affects Team Showcase: from n/a through 1.22.25. |
Page 1 of 1.