Fullworksplugins: Security Vulnerabilities
The Quick Event Manager WordPress Plugin, version < 9.7.5, is affected by a reflected cross-site scripting vulnerability in the 'category' parameter of its 'qem_ajax_calendar' action.
CVSS Score
6.1
EPSS Score
0.111
Published
2023-01-20
Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Meet My Team plugin <= 2.0.5 at WordPress.
CVSS Score
4.1
EPSS Score
0.002
Published
2022-09-23
The stop-user-enumeration plugin before 1.3.8 for WordPress has XSS.
CVSS Score
6.1
EPSS Score
0.052
Published
2019-08-21
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
CVSS Score
5.3
EPSS Score
0.004
Published
2017-11-17
Page 2