CVSS: 6.1EPSS: 0%CPEs: 51EXPL: 0CVE-2017-2171
https://notcve.org/view.php?id=CVE-2017-2171
22 May 2017 — Cross-site scripting vulnerability in Captcha prior to version 4.3.0, Car Rental prior to version 1.0.5, Contact Form Multi prior to version 1.2.1, Contact Form prior to version 4.0.6, Contact Form to DB prior to version 1.5.7, Custom Admin Page prior to version 0.1.2, Custom Fields Search prior to version 1.3.2, Custom Search prior to version 1.36, Donate prior to version 2.1.1, Email Queue prior to version 1.1.2, Error Log Viewer prior to version 1.0.6, Facebook Button prior to version 2.54, Featured Post... • http://jvndb.jvn.jp/jvndb/JVNDB-2017-000094 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-91: XML Injection (aka Blind XPath Injection) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18500 – Social Buttons Pack by BestWebSoft < 1.1.1 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18500
17 Apr 2017 — The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. El plugin social-buttons-pack anterior a la versión 1.1.1 para WordPress tiene múltiples problemas de XSS. The Social Buttons Pack by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to 1.1.1 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a... • https://wordpress.org/plugins/social-buttons-pack/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18516 – BestWebSoft's LinkedIn < 1.0.5 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18516
17 Apr 2017 — The bws-linkedin plugin before 1.0.5 for WordPress has multiple XSS issues. El plugin bws-linkedin anterior a la versión 1.0.5 para WordPress tiene múltiples problemas XSS. The BestWebSoft's LinkedIn plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's bro... • https://wordpress.org/plugins/bws-linkedin/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18529 – PromoBar by BestWebSoft – Customizable Advertisement Banner for WordPress Website <= 1.1.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18529
17 Apr 2017 — The promobar plugin before 1.1.1 for WordPress has multiple XSS issues. El plugin promobar antes de 1.1.1 para WordPress tiene múltiples problemas XSS. The PromoBar by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser granted they ca... • https://wordpress.org/plugins/promobar/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18530 – Rating by BestWebSoft < 0.2 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18530
17 Apr 2017 — The rating-bws plugin before 0.2 for WordPress has multiple XSS issues. El plugin rating-bws antes de 0.2 para WordPress tiene múltiples problemas XSS. The Rating by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to 0.2 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser granted they can trick a victim int... • https://wordpress.org/plugins/rating-bws/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18532 – Realty by BestWebSoft < 1.1.0 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18532
17 Apr 2017 — The realty plugin before 1.1.0 for WordPress has multiple XSS issues. El plugin de realty anterior a 1.1.0 para WordPress tiene múltiples problemas XSS. The Realty by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to 1.1.0 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser granted they can trick a victim ... • https://wordpress.org/plugins/realty/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18562 – Error Log Viewer by BestWebSoft < 1.0.6 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18562
17 Apr 2017 — The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues. El plugin de error-log-viewer anterior a la versión 1.0.6 para WordPress tiene múltiples problemas de XSS. The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, 1.0.6 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a vict... • https://wordpress.org/plugins/error-log-viewer/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18590 – Help Center by BestWebSoft < 0.1.5 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18590
17 Apr 2017 — The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues. El plugin de hoja de horas antes de 0.1.5 para WordPress tiene múltiples problemas XSS. The Help Center by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to 0.1.5 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser granted they can tr... • https://wordpress.org/plugins/timesheet/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18496 – Htaccess by BestWebSoft – WordPress Website Access Control Plugin <= 1.7.5 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18496
14 Apr 2017 — The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues. El complemento htaccess anterior a 1.7.6 para WordPress tiene múltiples problemas XSS. The "Htaccess by BestWebSoft – WordPress Website Access Control Plugin" plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.7.5 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts... • https://wordpress.org/plugins/htaccess/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18528 – Download PDF & Print by BestWebSoft – WordPress Posts and Pages PDF Generator Plugin <= 1.9.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18528
14 Apr 2017 — The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues. El plugin de impresión pdf antes de 1.9.4 para WordPress tiene múltiples problemas XSS. • https://wordpress.org/plugins/pdf-print/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •