Lucene search

W3Eden Security Vulnerabilities

cve

CVE-2015-9301

The liveforms plugin before 3.2.0 for WordPress has SQL injection.

9.8CVSS

9.9AI Score

0.001EPSS

2019-08-13 05:15 PM

cve

CVE-2017-18497

The liveforms plugin before 3.4.0 for WordPress has XSS.

6.1CVSS

6.4AI Score

0.001EPSS

2019-08-13 05:15 PM

cve

CVE-2021-36896

Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Pricing Table (WordPress plugin) versions <= 1.5.2

4.8CVSS

4.8AI Score

0.001EPSS

2022-04-11 08:15 PM

cve

CVE-2024-1766

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's Display Name in all versions up to, and including, 3.2.86 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level access ...

5.4CVSS

4.4AI Score

0.001EPSS

2024-06-12 11:15 AM