Total
37858 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-36895 | 1 Tripetto | 1 Tripetto | 2024-11-21 | 4.3 MEDIUM | 4.7 MEDIUM |
| Unauthenticated Cross-Site Scripting (XSS) vulnerability in Tripetto's Tripetto plugin <= 5.1.4 on WordPress via SVG image upload. | |||||
| CVE-2021-36893 | 1 Wpdarko | 1 Responsive Tabs | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Responsive Tabs (WordPress plugin) <= 4.0.5 | |||||
| CVE-2021-36889 | 1 Tarteaucitron.js - Cookies Legislation \& Gdpr Project | 1 Tarteaucitron.js - Cookies Legislation \& Gdpr | 2024-11-21 | 3.5 LOW | 3.4 LOW |
| Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnerabilities were discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions <= 1.6). | |||||
| CVE-2021-36887 | 1 Tarteaucitron.js - Cookies Legislation \& Gdpr Project | 1 Tarteaucitron.js - Cookies Legislation \& Gdpr | 2024-11-21 | 6.8 MEDIUM | 6.1 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions <= 1.5.4), vulnerable parameters "tarteaucitronEmail" and "tarteaucitronPass". | |||||
| CVE-2021-36885 | 1 Ciphercoin | 1 Contact Form 7 Database Addon | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in Contact Form 7 Database Addon – CFDB7 WordPress plugin (versions <= 1.2.6.1). | |||||
| CVE-2021-36884 | 1 Backupbliss | 1 Backup Migration | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Authenticated Persistent Cross-Site Scripting (XSS) vulnerability discovered in WordPress Backup Migration plugin <= 1.1.5 versions. | |||||
| CVE-2021-36873 | 1 Webence | 1 Iq Block Country | 2024-11-21 | 3.5 LOW | 5.5 MEDIUM |
| Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress iQ Block Country plugin (versions <= 1.2.11). Vulnerable parameter: &blockcountry_blockmessage. | |||||
| CVE-2021-36872 | 1 Wordpress Popular Posts Project | 1 Wordpress Popular Posts | 2024-11-21 | 3.5 LOW | 5.5 MEDIUM |
| Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in WordPress Popular Posts plugin (versions <= 5.3.3). Vulnerable at &widget-wpp[2][post_type]. | |||||
| CVE-2021-36871 | 1 Codecabin | 1 Wp Go Maps | 2024-11-21 | 3.5 LOW | 5.5 MEDIUM |
| Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps Pro premium plugin (versions <= 8.1.11). Vulnerable parameters: &wpgmaps_marker_category_name, Value > &attributes[], Name > &attributes[], &icons[], &names[], &description, &link, &title. | |||||
| CVE-2021-36870 | 1 Codecabin | 1 Wp Go Maps | 2024-11-21 | 3.5 LOW | 5.5 MEDIUM |
| Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in WordPress WP Google Maps plugin (versions <= 8.1.12). Vulnerable parameters: &dataset_name, &wpgmza_gdpr_retention_purpose, &wpgmza_gdpr_company_name, &name #2, &name, &polyname #2, &polyname, &address. | |||||
| CVE-2021-36869 | 1 Ivorysearch | 1 Ivory Search | 2024-11-21 | 4.3 MEDIUM | 4.8 MEDIUM |
| Reflected Cross-Site Scripting (XSS) vulnerability in WordPress Ivory Search plugin (versions <= 4.6.6). Vulnerable parameter: &post. | |||||
| CVE-2021-36867 | 1 Psychological Tests \& Quizzes Project | 1 Psychological Tests \& Quizzes | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Stored Cross-Site Scripting (XSS) vulnerability in Alexander Ustimenko's Psychological tests & quizzes plugin <= 0.21.19 on WordPress possible for users with contributor or higher user rights. | |||||
| CVE-2021-36866 | 1 Fatcatapps | 1 Easy Pricing Tables | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Easy Pricing Tables plugin <= 3.1.2 at WordPress. | |||||
| CVE-2021-36864 | 1 Expresstech | 1 Quiz And Survey Master | 2024-11-21 | N/A | 3.4 LOW |
| Auth. (editor+) Reflected Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress. | |||||
| CVE-2021-36863 | 1 Expresstech | 1 Quiz And Survey Master | 2024-11-21 | N/A | 5.4 MEDIUM |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress. | |||||
| CVE-2021-36858 | 1 Themepoints | 1 Testimonials | 2024-11-21 | N/A | 4.8 MEDIUM |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themepoints Testimonials plugin <= 2.6 on WordPress. | |||||
| CVE-2021-36857 | 1 Wpshopmart | 1 Testimonial Builder | 2024-11-21 | N/A | 4.8 MEDIUM |
| Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress. | |||||
| CVE-2021-36855 | 1 Bookingultrapro | 1 Booking Ultra Pro Appointments Booking Calendar | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Booking Ultra Pro plugin <= 1.1.4 at WordPress. | |||||
| CVE-2021-36851 | 1 Web-settler | 1 Testimonial Slider | 2024-11-21 | 3.5 LOW | 4.1 MEDIUM |
| Authenticated (editor or higher user role) Cross-Site Scripting (XSS) vulnerability in Web-Settler Testimonial Slider – Free Testimonials Slider Plugin (WordPress plugin) via parameters mpsp_posts_bg_color, mpsp_posts_description_color, mpsp_slide_nav_button_color. | |||||
| CVE-2021-36849 | 1 Social Media Share Buttons Project | 1 Social Media Share Buttons | 2024-11-21 | N/A | 3.4 LOW |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in René Hermenau's Social Media Share Buttons plugin <= 3.8.1 at WordPress. | |||||