CVEDB API

Vulnerabilities

Vulnerable Software

Wpdevart: Security Vulnerabilities

CVE-2022-47428

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WpDevArt Booking calendar, Appointment Booking System allows SQL Injection.This issue affects Booking calendar, Appointment Booking System: from n/a through 3.2.7.

CVSS Score

9.8

EPSS Score

0.002

Published

2023-11-06

CVE-2023-46075

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in wpdevart Contact Form Builder, Contact Widget plugin <= 2.1.6 versions.

CVSS Score

7.1

EPSS Score

0.001

Published

2023-10-26

CVE-2023-45630

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 versions.

CVSS Score

7.1

EPSS Score

0.001

Published

2023-10-18

CVE-2023-45629

Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 versions.

CVSS Score

5.4

EPSS Score

0.001

Published

2023-10-16

CVE-2023-0900

The Pricing Table Builder WordPress plugin through 1.1.6 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admins.

CVSS Score

7.2

EPSS Score

0.051

Published

2023-06-05

CVE-2023-24387

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart Organization chart plugin <= 1.4.4 versions.

CVSS Score

5.9

EPSS Score

0.001

Published

2023-04-06

CVE-2023-24002

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart YouTube Embed, Playlist and Popup by WpDevArt plugin <= 2.6.3 versions.

CVSS Score

5.9

EPSS Score

0.001

Published

2023-04-06

CVE-2023-24004

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart Image and Video Lightbox, Image PopUp plugin <= 2.1.5 versions.

CVSS Score

5.9

EPSS Score

0.001

Published

2023-04-06

CVE-2023-23972

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smplug-in Social Like Box and Page by WpDevArt plugin <= 0.8.39 versions.

CVSS Score

5.9

EPSS Score

0.001

Published

2023-04-06

CVE-2023-23870

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 versions.

CVSS Score

5.9

EPSS Score

0.001

Published

2023-04-04

Prev Next

Page 2

Vulnerabilities

Vulnerable Software

Wpdevart: Security Vulnerabilities

Products

Pricing

Contact Us