Filtered by vendor Webdevstudios Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-1623 1 Webdevstudios 1 Custom Post Type Ui 2024-11-21 6.5 Medium
The Custom Post Type UI WordPress plugin before 1.13.5 does not properly check for CSRF when sending the debug information to a user supplied email, which could allow attackers to make a logged in admin send such information to an arbitrary email address via a CSRF attack.
CVE-2015-9373 1 Webdevstudios 1 Ithemes Paypal Pro 2024-11-21 N/A
PayPal Pro Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via add_query_arg() and remove_query_arg().
CVE-2015-10120 1 Webdevstudios 1 Wds Multisite Aggregate 2024-11-21 3.5 Low
A vulnerability, which was classified as problematic, was found in WDS Multisite Aggregate Plugin up to 1.0.0 on WordPress. Affected is the function update_options of the file includes/WDS_Multisite_Aggregate_Options.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0.1 is able to address this issue. The name of the patch is 49e0bbcb6ff70e561365d9e0d26426598f63ca12. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-233364.
CVE-2015-10013 1 Webdevstudios 1 Taxonomy Switcher 2024-11-21 3.5 Low
A vulnerability was found in WebDevStudios taxonomy-switcher Plugin up to 1.0.3 on WordPress. It has been classified as problematic. Affected is the function taxonomy_switcher_init of the file taxonomy-switcher.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 1.0.4 is able to address this issue. It is recommended to upgrade the affected component. VDB-217446 is the identifier assigned to this vulnerability.