Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Noorsplugin Subscribe
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-52143 1 Noorsplugin 1 Wp Stripe Checkout 2024-02-06 N/A 7.5 HIGH
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37.
CVE-2023-51689 1 Noorsplugin 1 Easy Video Player 2024-02-06 N/A 5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in naa986 Easy Video Player allows Stored XSS.This issue affects Easy Video Player: from n/a through 1.2.2.10.
CVE-2022-3983 1 Noorsplugin 1 Checkout For Paypal 2023-12-10 N/A 5.4 MEDIUM
The Checkout for PayPal WordPress plugin before 1.0.14 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
CVE-2022-3987 1 Noorsplugin 1 Responsive Lightbox2 2023-12-10 N/A 5.4 MEDIUM
The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
CVE-2022-3986 1 Noorsplugin 1 Wp Stripe Checkout 2023-12-10 N/A 5.4 MEDIUM
The WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
CVE-2022-3937 1 Noorsplugin 1 Easy Video Player 2023-12-10 N/A 5.4 MEDIUM
The Easy Video Player WordPress plugin before 1.2.2.3 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.