CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9366 – Exchange Addon Custom URL Tracking < 1.1.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9366
20 Apr 2015 — Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). El Add-on Custom URL Tracking para iThemes Exchange versiones anteriores a 1.1.0 para WordPress, tiene una vulnerabilidad de tipo XSS por medio de las funciones add_query_arg() y remove_query_arg(). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9367 – Easy Canadian Sales Taxes Add-On for iThemes Exchange < 1.1.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9367
20 Apr 2015 — Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). El Add-on Easy Canadian Taxes para iThemes Exchange versiones anteriores a 1.1.0 para WordPress, tiene una vulnerabilidad de tipo XSS por medio de las funciones add_query_arg() y remove_query_arg(). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9368 – Easy EU Value Added (VAT) Taxes < 1.2.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9368
20 Apr 2015 — Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). El Add-on Easy EU Value Added (VAT) Taxes para iThemes Exchange versiones anteriores a 1.2.0 para WordPress, tiene una vulnerabilidad de tipo XSS por medio de las funciones add_query_arg() y remove_query_arg(). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9369 – Easy US Sales Taxes Add-on for iThemes Exchange < 1.1.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9369
20 Apr 2015 — Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). El Add-on Easy US Sales Taxes para iThemes Exchange versiones anteriores a 1.1.0 para WordPress, presenta una vulnerabilidad de tipo XSS por medio de las funciones add_query_arg() y remove_query_arg() • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9370 – Exchange Addon Invoices < 1.4.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9370
20 Apr 2015 — Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). El complemento Facturas para iThemes Exchange antes de 1.4.0 para WordPress tiene XSS a través de add_query_arg() y remove_query_arg(). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9371 – Manual Purchases < 1.1.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9371
20 Apr 2015 — Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). El complemento compras manuales para iThemes Exchange antes de 1.1.0 para WordPress tiene XSS a través de add_query_arg() y remove_query_arg(). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9372 – Exchange Addon Membership < 1.3.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9372
20 Apr 2015 — Membership Add-on for iThemes Exchange before 1.3.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). El complemento de pertenencia para iThemes Exchange anterior a 1.3.0 para WordPress tiene XSS a través de add_query_arg() y remove_query_arg(). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9374 – Stripe Add-on for iThemes Exchange < 1.2.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9374
20 Apr 2015 — Stripe Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). la extensión Stripe para iThemes Exchange antes de 1.2.0 para WordPress tiene una vulnerabilidad XSS a través de add_query_arg () y remove_query_arg (). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9375 – Exchange Addon Table Rate Shipping < 1.1.0 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9375
20 Apr 2015 — Table Rate Shipping Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg(). La extensión de envío de tarifa de tabla para iThemes Exchange antes de 1.1.0 para WordPress tiene XSS a través de add_query_arg () y remove_query_arg (). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9376 – iThemes Mobile < 1.2.8 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-9376
20 Apr 2015 — iThemes Mobile before 1.2.8 for WordPress has XSS via add_query_arg() and remove_query_arg(). iThemes Mobile antes de 1.2.8 para WordPress tiene una vulnerabilidad XSS a través de add_query_arg () y remove_query_arg (). • https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •