Quadlayers: Security Vulnerabilities
The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks.
CVSS Score
4.8
EPSS Score
0.001
Published
2022-08-22
The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4).
CVSS Score
4.3
EPSS Score
0.001
Published
2022-02-18
The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure.
CVSS Score
4.3
EPSS Score
0.005
Published
2022-02-18
The insta-gallery plugin before 2.4.8 for WordPress has no nonce validation for qligg_dismiss_notice or qligg_form_item_delete.
CVSS Score
8.8
EPSS Score
0.002
Published
2019-08-29