Cross-Site Request Forgery (CSRF) vulnerability in Z.com byGMO GMO Social Connection gmo-social-connection allows Cross-Site Scripting (XSS).This issue affects GMO Social Connection: from n/a through <= 1.2.

Cross-Site Request Forgery (CSRF) vulnerability in Garmur While Loading while-it-is-loading allows Stored XSS.This issue affects While Loading: from n/a through <= 3.0.

Cross-Site Request Forgery (CSRF) vulnerability in a.ankit Webriti Custom Login webriti-custom-login-page allows Reflected XSS.This issue affects Webriti Custom Login: from n/a through <= 0.3.

Cross-Site Request Forgery (CSRF) vulnerability in ivycat Simple Page Specific Sidebars page-specific-sidebars allows Stored XSS.This issue affects Simple Page Specific Sidebars: from n/a through <= 2.14.1.

Cross-Site Request Forgery (CSRF) vulnerability in Sam Hoe SH Slideshow sh-slideshow allows Stored XSS.This issue affects SH Slideshow: from n/a through <= 4.3.

Cross-Site Request Forgery (CSRF) vulnerability in Md Eftakhairul Islam Sticky Social Bar sticky-social-bar allows Cross Site Request Forgery.This issue affects Sticky Social Bar: from n/a through <= 2.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Clyp Clyp clyp allows Stored XSS.This issue affects Clyp: from n/a through <= 1.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WorldMarkerter WM Zoom wm-zoom allows DOM-Based XSS.This issue affects WM Zoom: from n/a through <= 1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sided Sided sided allows DOM-Based XSS.This issue affects Sided: from n/a through <= 1.4.5.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Classy Addons Classy Addons for Elementor classy-addons-for-elementor allows DOM-Based XSS.This issue affects Classy Addons for Elementor: from n/a through <= 1.2.7.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jasonpancake Hover Video Preview hover-video-preview allows Stored XSS.This issue affects Hover Video Preview: from n/a through <= 1.0.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Odyno EndomondoWP endomondowp allows Stored XSS.This issue affects EndomondoWP: from n/a through <= 0.1.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Steven Nolles Bonway Static Block Editor bonway-static-block-editor allows DOM-Based XSS.This issue affects Bonway Static Block Editor: from n/a through <= 1.1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Abdullah Nahian Awesome Progress Bar awesome-progess-bar allows DOM-Based XSS.This issue affects Awesome Progress Bar: from n/a through <= 1.0.13.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark Hodder Themedy Toolbox themedy-toolbox allows DOM-Based XSS.This issue affects Themedy Toolbox: from n/a through <= 1.0.16.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Riley Magnuson MyOrderDesk myorderdesk allows DOM-Based XSS.This issue affects MyOrderDesk: from n/a through <= 3.2.6.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AuburnForest DataMentor datamentor allows DOM-Based XSS.This issue affects DataMentor: from n/a through <= 1.7.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mudssar amazing neo icon font for elementor amazing-neo-icon-font-for-elementor allows DOM-Based XSS.This issue affects amazing neo icon font for elementor: from n/a through <= 2.0.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zachsilberstein RLM Elementor Widgets Pack rlm-elementor-widgets-pack allows DOM-Based XSS.This issue affects RLM Elementor Widgets Pack: from n/a through <= 1.3.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in overclokk Advanced Control Manager for WordPress by ItalyStrap advanced-control-manager allows Stored XSS.This issue affects Advanced Control Manager for WordPress by ItalyStrap: from n/a through <= 2.16.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in demixpress (dp) AddThis dp-addthis allows Stored XSS.This issue affects (dp) AddThis: from n/a through <= 1.0.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in irfantea Show Visitor IP Address show-visitor-ip-address allows Stored XSS.This issue affects Show Visitor IP Address: from n/a through <= 0.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefano Marra Smart Mockups smart-mockups allows Stored XSS.This issue affects Smart Mockups: from n/a through <= 1.2.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tamer Ziady GDReseller gdreseller allows DOM-Based XSS.This issue affects GDReseller: from n/a through <= 1.6.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kyle M Brown Step by Step step-by-step allows Stored XSS.This issue affects Step by Step: from n/a through <= 0.4.5.