CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18562 – Error Log Viewer by BestWebSoft < 1.0.6 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18562
The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues. El plugin de error-log-viewer anterior a la versión 1.0.6 para WordPress tiene múltiples problemas de XSS. The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, 1.0.6 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser granted they can trick a victim into performing an action, such as clicking on a link. • https://wordpress.org/plugins/error-log-viewer/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18496 – Htaccess by BestWebSoft – WordPress Website Access Control Plugin <= 1.7.5 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18496
The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues. El complemento htaccess anterior a 1.7.6 para WordPress tiene múltiples problemas XSS. The "Htaccess by BestWebSoft – WordPress Website Access Control Plugin" plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.7.5 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser granted they can trick a victim into performing an action, such as clicking on a link. • https://wordpress.org/plugins/htaccess/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18528 – Download PDF & Print by BestWebSoft – WordPress Posts and Pages PDF Generator Plugin <= 1.9.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18528
The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues. El plugin de impresión pdf antes de 1.9.4 para WordPress tiene múltiples problemas XSS. • https://wordpress.org/plugins/pdf-print/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18501 – Social Login by BestWebSoft <= 0.1 - Multiple Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18501
The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues. El plugin social-login-bws antes de la versión 0.2 para WordPress tiene múltiples problemas XSS. The Social Login by BestWebSoft plugin for WordPress is vulnerable to Cross-Site Scripting in versions up to, and including, 0.1 due to insufficient input sanitization and output escaping on the 'category' parameter. This makes it possible for unauthenticated attackers to inject arbitrary web scripts that execute in a victim's browser. • https://wordpress.org/plugins/social-login-bws/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-18505 – BestWebSoft's Twitter < 2.55 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2017-18505
The twitter-plugin plugin before 2.55 for WordPress has XSS. El plugin twitter-plugin antes de la versión 2.55 para WordPress tiene XSS. The BestWebSoft's Twitter plugin before 2.55 for WordPress has XSS via several parameters. • https://wordpress.org/plugins/twitter-plugin/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •