Filtered by vendor Noorsplugin Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-52143 1 Noorsplugin 1 Wp Stripe Checkout 2024-08-26 7.5 High
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37.
CVE-2022-3987 1 Noorsplugin 1 Responsive Lightbox2 2024-08-03 5.4 Medium
The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
CVE-2022-3983 1 Noorsplugin 1 Checkout For Paypal 2024-08-03 5.4 Medium
The Checkout for PayPal WordPress plugin before 1.0.14 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
CVE-2022-3986 1 Noorsplugin 1 Wp Stripe Checkout 2024-08-03 5.4 Medium
The WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
CVE-2022-3937 1 Noorsplugin 1 Easy Video Player 2024-08-03 5.4 Medium
The Easy Video Player WordPress plugin before 1.2.2.3 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.
CVE-2023-51689 1 Noorsplugin 1 Easy Video Player 2024-08-02 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in naa986 Easy Video Player allows Stored XSS.This issue affects Easy Video Player: from n/a through 1.2.2.10.