Filtered by vendor Etoilewebdesign
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-24313 | 1 Etoilewebdesign | 1 Ultimate Appointment Booking \& Scheduling | 2024-11-21 | 6.1 Medium |
| Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin v1.1.9 and lower does not sanitize the value of the "Appointment_ID" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL. | ||||
| CVE-2019-17233 | 1 Etoilewebdesign | 1 Ultimate Faq | 2024-11-21 | 6.1 Medium |
| Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection. | ||||
| CVE-2019-17232 | 1 Etoilewebdesign | 1 Ultimate Faq | 2024-11-21 | 7.5 High |
| Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import. | ||||
| CVE-2019-15643 | 1 Etoilewebdesign | 1 Ultimate Faq | 2024-11-21 | N/A |
| The ultimate-faqs plugin before 1.8.22 for WordPress has XSS. | ||||
| CVE-2024-43343 | 1 Etoilewebdesign | 1 Order Tracking | 2024-11-13 | 4.3 Medium |
| Missing Authorization vulnerability in Etoile Web Design Order Tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Order Tracking: from n/a through 3.3.12. | ||||