Winwar: Security Vulnerabilities
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Winwar Media WordPress Email Marketing Plugin – WP Email Capture.This issue affects WordPress Email Marketing Plugin – WP Email Capture: from n/a through 3.10.
CVSS Score
5.3
EPSS Score
0.006
Published
2023-12-21
Cross-Site Request Forgery (CSRF) vulnerability in Winwar Media WP Email Capture plugin <= 3.9.3 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-23
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winwar Media WP Email Capture plugin <= 3.9.3 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-05-02
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winwar Media Inline Tweet Sharer – Twitter Sharing Plugin plugin <= 2.5.3 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-04-25
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winwar Media WP eBay Product Feeds plugin <= 3.3.1 versions.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-03-23
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Winwar Media WP Flipclock plugin <= 1.7.4 versions.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-03-23
Cross-site scripting (XSS) vulnerability in magpie/scripts/magpie_slashbox.php in the Ebay Feeds for WordPress plugin 1.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the rss_url parameter.
CVSS Score
6.1
EPSS Score
0.002
Published
2019-12-27