Show filters
53 Total Results
Displaying 21-30 of 53
Sort by:
Attacker Value
Unknown
CVE-2023-6732
Disclosure Date: January 16, 2024 (last updated January 24, 2024)
The Ultimate Maps by Supsystic WordPress plugin before 1.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
0
Attacker Value
Unknown
CVE-2023-49191
Disclosure Date: December 15, 2023 (last updated December 22, 2023)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Supsystic GDPR Cookie Consent by Supsystic allows Stored XSS.This issue affects GDPR Cookie Consent by Supsystic: from n/a through 2.1.2.
0
Attacker Value
Unknown
CVE-2023-5756
Disclosure Date: December 09, 2023 (last updated December 13, 2023)
The Digital Publications by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.6. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to execute AJAX actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
0
Attacker Value
Unknown
CVE-2023-45068
Disclosure Date: October 12, 2023 (last updated October 17, 2023)
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact Form by Supsystic plugin <= 1.7.27 versions.
0
Attacker Value
Unknown
CVE-2023-3186
Disclosure Date: July 17, 2023 (last updated October 08, 2023)
The Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability that could allow an attacker to inject arbitrary properties into Object.prototype.
0
Attacker Value
Unknown
CVE-2023-2526
Disclosure Date: June 09, 2023 (last updated October 08, 2023)
The Easy Google Maps plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.11.7. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to executes AJAX actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
0
Attacker Value
Unknown
CVE-2023-33926
Disclosure Date: May 28, 2023 (last updated October 08, 2023)
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Easy Google Maps plugin <= 1.11.7 versions.
0
Attacker Value
Unknown
CVE-2023-22714
Disclosure Date: May 22, 2023 (last updated October 08, 2023)
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Coming Soon by Supsystic plugin <= 1.7.10 versions.
0
Attacker Value
Unknown
CVE-2023-2528
Disclosure Date: May 17, 2023 (last updated October 08, 2023)
The Contact Form by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.24. This is due to missing or incorrect nonce validation on the AJAX action handler. This makes it possible for unauthenticated attackers to execute AJAX actions via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
0
Attacker Value
Unknown
CVE-2022-47155
Disclosure Date: March 14, 2023 (last updated November 08, 2023)
Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Slider by Supsystic plugin <= 1.8.5 versions.
0
