Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zackgilbert WPHelpful wphelpful allows Stored XSS.This issue affects WPHelpful: from n/a through <= 1.2.4.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ristretto Apps Dashing Memberships dashing-memberships allows Reflected XSS.This issue affects Dashing Memberships: from n/a through <= 1.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detlef Beyer SVT Simple svt-simple allows Reflected XSS.This issue affects SVT Simple: from n/a through <= 1.0.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Roman Peterhans Simplistic SEO simplistic-seo allows Reflected XSS.This issue affects Simplistic SEO: from n/a through <= 2.3.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arsdehnel Simple Modal simplemodal allows Cross-Site Scripting (XSS).This issue affects Simple Modal: from n/a through <= 0.3.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Perception System System Pvt. Ltd. Ajax Content Filter ajax-content-filter allows Reflected XSS.This issue affects Ajax Content Filter: from n/a through <= 1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Twitter real time search scrolling twitter-real-time-search-scrolling allows Reflected XSS.This issue affects Twitter real time search scrolling: from n/a through <= 7.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in techdabang User Password Reset user-password-reset allows Reflected XSS.This issue affects User Password Reset: from n/a through <= 1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TRe Technology And Research S.r.l. HQ60 Fidelity Card hq60-fidelity-card allows Reflected XSS.This issue affects HQ60 Fidelity Card: from n/a through <= 1.8.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Visser Jigoshop – Store Toolkit jigoshop-store-toolkit allows Reflected XSS.This issue affects Jigoshop – Store Toolkit: from n/a through <= 1.4.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hitesh Khunt Saragna saragna-social-stream allows Reflected XSS.This issue affects Saragna: from n/a through <= 1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Minerva Infotech Responsive Data Table responsive-data-table allows Reflected XSS.This issue affects Responsive Data Table: from n/a through <= 1.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mariandz TeleAdmin teleadmin allows Reflected XSS.This issue affects TeleAdmin: from n/a through <= 1.0.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Narnoo Narnoo Commerce Manager narnoo-commerce-manager allows Reflected XSS.This issue affects Narnoo Commerce Manager: from n/a through <= 1.6.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodin WP Visual Adverts wp-visual-adverts allows Reflected XSS.This issue affects WP Visual Adverts: from n/a through <= 2.3.0.

The The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.4.2.2. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stefan Backor Firework Shoppable Live Video firework-videos allows Reflected XSS.This issue affects Firework Shoppable Live Video: from n/a through <= 6.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eewee eewee admin custom eewee-admincustom allows Reflected XSS.This issue affects eewee admin custom: from n/a through <= 1.8.2.4.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jason Coleman Don't Break The Code dont-break-the-code allows Reflected XSS.This issue affects Don't Break The Code: from n/a through <= .3.1.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tevya Satisfaction Reports from Help Scout happiness-reports-for-help-scout allows Reflected XSS.This issue affects Satisfaction Reports from Help Scout: from n/a through <= 2.0.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sam Hotchkiss Daily Image daily-image allows Reflected XSS.This issue affects Daily Image: from n/a through <= 1.0.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in biplob018 Team Showcase and Slider – Team Members Builder team-showcase-ultimate allows Reflected XSS.This issue affects Team Showcase and Slider – Team Members Builder: from n/a through <= 1.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chris Gipple PropertyShift propertyshift allows Reflected XSS.This issue affects PropertyShift: from n/a through <= 1.0.0.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MicahBlu RSVP ME rsvp-me allows SQL Injection.This issue affects RSVP ME: from n/a through <= 1.9.9.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in lodgix Lodgix.com Vacation Rental Website Builder lodgixcom-vacation-rental-listing-management-booking-plugin allows SQL Injection.This issue affects Lodgix.com Vacation Rental Website Builder: from n/a through <= 3.9.73.