NA - CVE-2024-13325 - The Glossy WordPress plugin through 2.3.5 does...
The Glossy WordPress plugin through 2.3.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against...
NA - CVE-2024-13326 - The iBuildApp WordPress plugin through 0.2.0...
The iBuildApp WordPress plugin through 0.2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against...
NA - CVE-2024-13327 - The Musicbox WordPress plugin through 2.0.3...
The Musicbox WordPress plugin through 2.0.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against...
NA - CVE-2024-13328 - The Giga Messenger WordPress plugin through...
The Giga Messenger WordPress plugin through 2.3.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used...
NA - CVE-2024-13329 - The Solidres WordPress plugin through 0.9.4...
The Solidres WordPress plugin through 0.9.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against...
NA - CVE-2024-13330 - The JustRows free WordPress plugin through 0.2...
The JustRows free WordPress plugin through 0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used...
NA - CVE-2024-13331 - The WP Dream Carousel WordPress plugin through...
The WP Dream Carousel WordPress plugin through 1.0.1b does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used...
NA - CVE-2024-13332 - The TransFinanz WordPress plugin through 1.0.0...
The TransFinanz WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used...
NA - CVE-2025-0368 - The Banner Garden Plugin for WordPress plugin...
The Banner Garden Plugin for WordPress plugin through 0.1.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could...
NA - CVE-2025-0466 - The Sensei LMS WordPress plugin before 4.24.4...
The Sensei LMS WordPress plugin before 4.24.4 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak sensei_email and sensei_message Information.