Ithemes: Security Vulnerabilities
iThemes Builder Style Manager before 0.7.7 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-28
Easy US Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-28
Invoices Add-on for iThemes Exchange before 1.4.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-28
Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-28
iThemes Exchange before 1.12.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-28
Authorize.net Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-28
Custom URL Tracking Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-28
Easy Canadian Sales Taxes Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.004
Published
2019-08-28
Easy EU Value Added (VAT) Taxes Add-on for iThemes Exchange before 1.2.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVSS Score
6.1
EPSS Score
0.005
Published
2019-08-28
The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page.
CVSS Score
7.2
EPSS Score
0.484
Published
2018-06-22