Vulnerabilities protected by our XSS: Cross Site Scripting firewall rule

32,810,326
Attacks Blocked in Past 24 Hours

Showing 4321-4340 of 6,146 Vulnerabilities

WP Statistics <= 12.6.6.1 - Unauthenticated Stored Cross-Site Scripting via IP Manipulation
7.2
CVE ID Unknown
Jul 1, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Easy restaurant menu manager <= 1.1.2 - Cross-Site Scripting
6.1
CVE-2019-15842
Jun 29, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Essential Real Estate <= 1.7.1 - Reflected Cross-Site Scripting
6.1
CVE ID Unknown
Jun 29, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Watu Quiz 3.1.2.1 - 3.1.2.5 - Reflected Cross-Site Scripting
7.1
CVE ID Unknown
Jun 28, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
360 Product Rotation < 1.4.8 - Reflected Cross-Site Scripting
6.1
CVE-2019-15082
Jun 27, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
WebP Express <= 0.14.10 - Authenticated Stored Cross-Site Scripting
5.4
CVE-2019-15837
Jun 26, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Live Chat Unlimited <= 2.8.3 - Stored Cross-Site Scripting
7.2
CVE ID Unknown
Jun 26, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
WP Ultimate Recipe < 3.12.7 - Stored Cross-Site Scripting
5.4
CVE-2019-15836
Jun 26, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
WP LiveChat <= 3.7.3 - Stored Cross-Site Scripting
6.4
CVE ID Unknown
Jun 26, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Limb Gallery – Create Beautiful Image & Video Galleries <= 1.3.2 - Cross-Site Scripting
6.1
CVE-2019-14790
Jun 26, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Custom 404 Pro <= 3.2.8 - Reflected Cross-Site Scripting
6.1
CVE-2019-14789
Jun 25, 2019
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Intelligent WordPress Live Chat Support Plugin | Utilities <= 1.0.4 - Stored Cross-Site Scripting
7.2
CVE ID Unknown
Jun 25, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Ultimate Member <= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting
6.1
CVE-2019-14946
Jun 24, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Custom 404 Pro <= 3.2.7 - Reflected Cross-Site Scripting
6.1
CVE-2019-15838
Jun 24, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Ultimate Member <= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting
5.4
CVE-2019-14947
Jun 24, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CP Contact Form with PayPal <= 1.3.01 - Cross-Site Scripting
5.4
CVE-2019-14785
Jun 23, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
CP Contact Form with PayPal <= 1.3.01 - Cross-Site Scripting
6.1
CVE-2019-14784
Jun 23, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Photospace Responsive <= 1.1.7 - Cross-Site Scripting
6.4
CVE ID Unknown
Jun 22, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Import and export users and customers <= 1.14.1.2 - Cross-Site Scripting
6.1
CVE-2019-15327
Jun 20, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Rank Math SEO <= 1.0.26 - Cross-Site Scripting
7.2
CVE ID Unknown
Jun 18, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
WP Statistics <= 12.6.6.1 - Unauthenticated Stored Cross-Site Scripting via IP Manipulation 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N July 1, 2019
Easy restaurant menu manager <= 1.1.2 - Cross-Site Scripting CVE-2019-15842 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 29, 2019
Essential Real Estate <= 1.7.1 - Reflected Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 29, 2019
Watu Quiz 3.1.2.1 - 3.1.2.5 - Reflected Cross-Site Scripting 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L June 28, 2019
360 Product Rotation < 1.4.8 - Reflected Cross-Site Scripting CVE-2019-15082 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 27, 2019
WebP Express <= 0.14.10 - Authenticated Stored Cross-Site Scripting CVE-2019-15837 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N June 26, 2019
Live Chat Unlimited <= 2.8.3 - Stored Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N June 26, 2019
WP Ultimate Recipe < 3.12.7 - Stored Cross-Site Scripting CVE-2019-15836 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N June 26, 2019
WP LiveChat <= 3.7.3 - Stored Cross-Site Scripting 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 26, 2019
Limb Gallery – Create Beautiful Image & Video Galleries <= 1.3.2 - Cross-Site Scripting CVE-2019-14790 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 26, 2019
Custom 404 Pro <= 3.2.8 - Reflected Cross-Site Scripting CVE-2019-14789 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 25, 2019
Intelligent WordPress Live Chat Support Plugin | Utilities <= 1.0.4 - Stored Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N June 25, 2019
Ultimate Member <= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting CVE-2019-14946 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 24, 2019
Custom 404 Pro <= 3.2.7 - Reflected Cross-Site Scripting CVE-2019-15838 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 24, 2019
Ultimate Member <= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting CVE-2019-14947 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N June 24, 2019
CP Contact Form with PayPal <= 1.3.01 - Cross-Site Scripting CVE-2019-14785 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N June 23, 2019
CP Contact Form with PayPal <= 1.3.01 - Cross-Site Scripting CVE-2019-14784 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 23, 2019
Photospace Responsive <= 1.1.7 - Cross-Site Scripting 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 22, 2019
Import and export users and customers <= 1.14.1.2 - Cross-Site Scripting CVE-2019-15327 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 20, 2019
Rank Math SEO <= 1.0.26 - Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N June 18, 2019

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation