NotCVE - vendor:"Wpwax" product:"Team" version:" <= 1.2.6"

4 results (0.004 seconds)

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-44002 – WordPress Team Showcase plugin <= 1.22.25 - Reflected Cross Site Scripting (XSS) vulnerability

https://notcve.org/view.php?id=CVE-2024-44002

16 Sep 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Reflected XSS.This issue affects Team Showcase: from n/a through 1.22.25. The Team Showcase plugin for WordPress is vulnerable to Reflected Cross-Site Scripting in versions up to, and including, 1.22.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute ... • https://patchstack.com/database/vulnerability/team/wordpress-team-showcase-plugin-1-22-25-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2024-43321 – WordPress Team Showcase plugin <= 1.22.23 - Cross Site Scripting (XSS) vulnerability

https://notcve.org/view.php?id=CVE-2024-43321

16 Aug 2024 — Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Team Showcase allows Stored XSS.This issue affects Team Showcase: from n/a through 1.22.23. The Team Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.22.23 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary ... • https://patchstack.com/database/vulnerability/team/wordpress-team-showcase-plugin-1-22-23-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-34650 – WordPress Team plugin <= 1.2.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities

https://notcve.org/view.php?id=CVE-2022-34650

20 Jul 2022 — Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. Múltiples vulnerabilidades de tipo Cross-Site Scripting (XSS) Autenticado (rol de colaborador o usuario superior) Almacenado en el plugin wpWax Team versiones anteriores a 1.2.6 incluyéndola, en WordPress The Team plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an unknown parameter in versions up to, and including, 1.2.6 due to insuffici... • https://patchstack.com/database/vulnerability/adl-team/wordpress-team-plugin-1-2-6-multiple-stored-cross-site-scripting-xss-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0

CVE-2022-34853 – WordPress Team plugin <= 1.2.6 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities

https://notcve.org/view.php?id=CVE-2022-34853

20 Jul 2022 — Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. Múltiples vulnerabilidades de tipo Cross-Site Scripting (XSS) Persistentes Autenticado (rol de colaborador o superior) en el plugin wpWax Team versiones anteriores a 1.2.6 incluyéndola, en WordPress The Team plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an unknown parameter in versions up to, and including, 1.2.6 due to insufficien... • https://patchstack.com/database/vulnerability/adl-team/wordpress-team-plugin-1-2-6-multiple-authenticated-persistent-cross-site-scripting-xss-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •