CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-37548 – WordPress Meks Easy Ads Widget plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2024-37548
06 Jul 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Meks Meks Easy Ads Widget allows Stored XSS.This issue affects Meks Easy Ads Widget: from n/a through 2.0.8. Vulnerabilidad de neutralización incorrecta de la entrada durante la generación de páginas web (XSS o 'Cross-site Scripting') en Meks Meks Easy Ads Widget permite XSS almacenado. Este problema afecta a Meks Easy Ads Widget: desde n/a hasta 2.0.8. The Meks Easy Ads Widget plugin for WordPress i... • https://patchstack.com/database/vulnerability/meks-easy-ads-widget/wordpress-meks-easy-ads-widget-plugin-2-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2023-25989 – Cross-Site Request Forgery (CSRF) vulnerability in multiple WordPress plugins by Meks
https://notcve.org/view.php?id=CVE-2023-25989
26 Jul 2023 — Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup. Vulnerabilidad de Cross-Site Request Forgery (CSRF) en Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks E... • https://patchstack.com/database/vulnerability/meks-audio-player/wordpress-meks-audio-player-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF) •