Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WeblineIndia Welcome Popup welcome-popup allows Stored XSS.This issue affects Welcome Popup: from n/a through <= 1.0.10.

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Cal.com Cal.com cal-com allows Stored XSS.This issue affects Cal.com: from n/a through <= 1.0.0.

Missing Authorization vulnerability in moshensky CF7 Spreadsheets cf7-spreadsheets allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CF7 Spreadsheets: from n/a through <= 2.3.2.

Cross-Site Request Forgery (CSRF) vulnerability in Proptech Plugin Apimo Connector apimo allows Cross Site Request Forgery.This issue affects Apimo Connector: from n/a through <= 2.6.5.1.

Cross-Site Request Forgery (CSRF) vulnerability in appointy Appointy Appointment Scheduler appointy-appointment-scheduler allows Cross Site Request Forgery.This issue affects Appointy Appointment Scheduler: from n/a through <= 4.2.1.

Cross-Site Request Forgery (CSRF) vulnerability in designnbuy DesignO designo allows Cross Site Request Forgery.This issue affects DesignO: from n/a through <= 2.6.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Quantity Dynamic Pricing & Bulk Discounts for WooCommerce wholesale-pricing-woocommerce allows Stored XSS.This issue affects Quantity Dynamic Pricing & Bulk Discounts for WooCommerce: from n/a through <= 4.0.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in crazycric Ultimate Live Cricket WordPress Lite ultimate-live-cricket-lite allows Stored XSS.This issue affects Ultimate Live Cricket WordPress Lite: from n/a through <= 1.4.2.

Missing Authorization vulnerability in Chatwee Chat by Chatwee chatwee allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Chat by Chatwee: from n/a through <= 2.1.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdiscover Timeline Event History timeline-event-history allows Stored XSS.This issue affects Timeline Event History: from n/a through <= 3.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in OpenMenu OpenMenu allows Stored XSS. This issue affects OpenMenu: from n/a through 3.5.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paolo Melchiorre Send E-mail send-e-mail allows Stored XSS.This issue affects Send E-mail: from n/a through <= 1.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in promoz73 Exit Popup Free exit-popup-free allows Stored XSS.This issue affects Exit Popup Free: from n/a through <= 1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Denra.com WP Date and Time Shortcode wp-date-and-time-shortcode allows Stored XSS.This issue affects WP Date and Time Shortcode: from n/a through <= 2.6.7.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kibru Demeke Ethiopian Calendar ethiopian-calendar allows Stored XSS.This issue affects Ethiopian Calendar: from n/a through <= 1.1.1.

Cross-Site Request Forgery (CSRF) vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Cross Site Request Forgery.This issue affects Elfsight Testimonials Slider: from n/a through <= 1.0.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Stored XSS.This issue affects Elfsight Testimonials Slider: from n/a through <= 1.0.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Gallery – Photo Albums Plugin easy-media-gallery allows Stored XSS.This issue affects Gallery – Photo Albums Plugin: from n/a through <= 1.3.170.

Cross-Site Request Forgery (CSRF) vulnerability in leadfox Leadfox for WordPress leadfox allows Cross Site Request Forgery.This issue affects Leadfox for WordPress: from n/a through <= 2.1.9.

Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elfsight Testimonials Slider: from n/a through <= 1.0.1.

Cross-Site Request Forgery (CSRF) vulnerability in Ashish Ajani WP Copy Media URL wp-copy-media-url allows Stored XSS.This issue affects WP Copy Media URL: from n/a through <= 2.1.

Unrestricted Upload of File with Dangerous Type vulnerability in appointify Appointify appointify allows Upload a Web Shell to a Web Server.This issue affects Appointify: from n/a through <= 1.0.8.

Missing Authorization vulnerability in Gagan Deep Singh PostmarkApp Email Integrator postmarkapp-email-integrator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostmarkApp Email Integrator: from n/a through <= 2.4.

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Vasilis Triantafyllou Flag Icons language-icons-flags-switcher allows Stored XSS.This issue affects Flag Icons: from n/a through <= 2.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftHopper Custom Content Scrollbar custom-content-scrollbar allows Stored XSS.This issue affects Custom Content Scrollbar: from n/a through <= 1.3.