NotCVE - vendor:"Bestwebsoft"

Page 5 of 74 results (0.003 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-9295 – Contact Form by BestWebSoft <= 3.95 - ReflectedCross-Site Scripting

https://notcve.org/view.php?id=CVE-2015-9295

12 Apr 2017 — The contact-form-plugin plugin before 3.96 for WordPress has XSS. El complemento contact-form-plugin anterior a 3.96 para WordPress tiene XSS. The Contact Form by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 3.95 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser granted they can tric... • https://wordpress.org/plugins/contact-form-plugin/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18490 – Contact Form Multi by BestWebSoft – Multiple Forms Plugin for Single WordPress Website < 1.2.1 - Reflected Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18490

12 Apr 2017 — The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues. El complemento contact-form-multi anterior de 1.2.1 para WordPress tiene múltiples problemas XSS. The Updater plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to 1.2.1 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser granted they can tr... • https://wordpress.org/plugins/contact-form-multi/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18491 – Advanced Contact Us Form Builder for WordPress <= 4.0.5 - Reflected Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18491

12 Apr 2017 — The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues. El complemento contact-form-plugin anterior de 4.0.6 para WordPress tiene múltiples problemas XSS. The Advanced Contact Us Form Builder for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scrip... • https://wordpress.org/plugins/contact-form-plugin/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18492 – Contact Form to DB <= 1.5.6 - Multiple Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18492

12 Apr 2017 — The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues. El complemento contact-form-to-db anterior de 1.5.7 para WordPress tiene múltiples problemas XSS. The Contact Form to DB plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 1.5.6 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts that execute in a victim's browser. • https://wordpress.org/plugins/contact-form-to-db/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18493 – Custom Admin Page by BestWebSoft <= 0.1.1 - Reflected Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18493

12 Apr 2017 — The custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues. El complemento de custom-admin-page anterior de 0.1.2 para WordPress tiene múltiples problemas de XSS. The Custom Admin Page by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 0.1.1 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that exec... • https://wordpress.org/plugins/custom-admin-page/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18494 – Custom Search by BestWebSoft <= 1.35 - Reflected Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18494

12 Apr 2017 — The custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues. El complemento custom-search-plugin anterior de 1.36 para WordPress tiene múltiples problemas de XSS. The Custom Search plugin for WordPress is vulnerable to reflected Cross-Site Scripting in versions up to, and including, 1.35 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's b... • https://wordpress.org/plugins/custom-search-plugin/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18501 – Social Login by BestWebSoft <= 0.1 - Multiple Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18501

12 Apr 2017 — The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues. El plugin social-login-bws antes de la versión 0.2 para WordPress tiene múltiples problemas XSS. The Social Login by BestWebSoft plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser. • https://wordpress.org/plugins/social-login-bws/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18502 – Subscriber by BestWebSoft <= 1.3.4 - Multiple Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18502

12 Apr 2017 — The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues. El plugin subscriber anterior a la versión 1.3.5 para WordPress tiene múltiples problemas XSS. • https://wordpress.org/plugins/subscriber/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 1%CPEs: 1EXPL: 0

CVE-2017-18505 – BestWebSoft's Twitter < 2.55 - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18505

12 Apr 2017 — The twitter-plugin plugin before 2.55 for WordPress has XSS. El plugin twitter-plugin antes de la versión 2.55 para WordPress tiene XSS. The BestWebSoft's Twitter plugin before 2.55 for WordPress has XSS via several parameters. • https://wordpress.org/plugins/twitter-plugin/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18517 – BestWebSoft's Pinterest <= 1.0.4 - Reflected Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2017-18517

12 Apr 2017 — The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues. El plugin bws-pinterest anterior a 1.0.5 para WordPress tiene múltiples problemas XSS The BestWebSoft's Pinterest plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser gran... • https://wordpress.org/plugins/bws-pinterest/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1...3 4 5 6 7