Vulnerabilities protected by our XSS: Cross Site Scripting firewall rule

33,410,251
Attacks Blocked in Past 24 Hours

Showing 4401-4420 of 6,219 Vulnerabilities

Live Chat Unlimited <= 2.8.3 - Stored Cross-Site Scripting
7.2
CVE ID Unknown
Jun 26, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
WP Ultimate Recipe < 3.12.7 - Stored Cross-Site Scripting
5.4
CVE-2019-15836
Jun 26, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
WP LiveChat <= 3.7.3 - Stored Cross-Site Scripting
6.4
CVE ID Unknown
Jun 26, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Intelligent WordPress Live Chat Support Plugin | Utilities <= 1.0.4 - Stored Cross-Site Scripting
7.2
CVE ID Unknown
Jun 25, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Custom 404 Pro <= 3.2.8 - Reflected Cross-Site Scripting
6.1
CVE-2019-14789
Jun 25, 2019
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Ultimate Member <= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting
6.1
CVE-2019-14946
Jun 24, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Ultimate Member <= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting
5.4
CVE-2019-14947
Jun 24, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Custom 404 Pro <= 3.2.7 - Reflected Cross-Site Scripting
6.1
CVE-2019-15838
Jun 24, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CP Contact Form with PayPal <= 1.3.01 - Cross-Site Scripting
6.1
CVE-2019-14784
Jun 23, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CP Contact Form with PayPal <= 1.3.01 - Cross-Site Scripting
5.4
CVE-2019-14785
Jun 23, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Photospace Responsive <= 1.1.7 - Cross-Site Scripting
6.4
CVE ID Unknown
Jun 22, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Import and export users and customers <= 1.14.1.2 - Cross-Site Scripting
6.1
CVE-2019-15327
Jun 20, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Rank Math SEO <= 1.0.26 - Cross-Site Scripting
7.2
CVE ID Unknown
Jun 18, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Cookieless Backend Server Tracking for Google Analytics – WordPress Plugin < 1.2.1 - Cross-Site Scripting
6.1
CVE ID Unknown
Jun 18, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
WordPress Download Manager <= 2.9.96 - Cross-Site Scripting
6.1
CVE ID Unknown
Jun 16, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Real Estate Manager – Property Listing and Agent Management <= 6.8 - Cross-Site Scripting
6.1
CVE ID Unknown
Jun 13, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 2.9.15 - Stored Cross-Site Scripting
6.1
CVE-2019-15116
Jun 12, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Support Board <= 1.2.8 - Authenticated Stored Cross-Site Scripting
6.4
CVE ID Unknown
Jun 11, 2019
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Online Lesson Booking <= 0.8.6 - Cross-Site Scripting
6.1
CVE-2019-5972
Jun 10, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attendance Manager <= 0.5.6 - Stored Cross-Site Scripting
6.1
CVE-2019-5970
Jun 10, 2019
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Title CVE ID CVSS Vector Date
Live Chat Unlimited <= 2.8.3 - Stored Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N June 26, 2019
WP Ultimate Recipe < 3.12.7 - Stored Cross-Site Scripting CVE-2019-15836 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N June 26, 2019
WP LiveChat <= 3.7.3 - Stored Cross-Site Scripting 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 26, 2019
Intelligent WordPress Live Chat Support Plugin | Utilities <= 1.0.4 - Stored Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N June 25, 2019
Custom 404 Pro <= 3.2.8 - Reflected Cross-Site Scripting CVE-2019-14789 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 25, 2019
Ultimate Member <= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting CVE-2019-14946 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 24, 2019
Ultimate Member <= 2.0.51 - Cross-Site Request Forgery and Stored Cross-Site Scripting CVE-2019-14947 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N June 24, 2019
Custom 404 Pro <= 3.2.7 - Reflected Cross-Site Scripting CVE-2019-15838 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 24, 2019
CP Contact Form with PayPal <= 1.3.01 - Cross-Site Scripting CVE-2019-14784 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 23, 2019
CP Contact Form with PayPal <= 1.3.01 - Cross-Site Scripting CVE-2019-14785 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N June 23, 2019
Photospace Responsive <= 1.1.7 - Cross-Site Scripting 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 22, 2019
Import and export users and customers <= 1.14.1.2 - Cross-Site Scripting CVE-2019-15327 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 20, 2019
Rank Math SEO <= 1.0.26 - Cross-Site Scripting 7.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N June 18, 2019
Cookieless Backend Server Tracking for Google Analytics – WordPress Plugin < 1.2.1 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 18, 2019
WordPress Download Manager <= 2.9.96 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 16, 2019
Real Estate Manager – Property Listing and Agent Management <= 6.8 - Cross-Site Scripting 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 13, 2019
Easy Digital Downloads – Simple eCommerce for Selling Digital Files <= 2.9.15 - Stored Cross-Site Scripting CVE-2019-15116 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 12, 2019
Support Board <= 1.2.8 - Authenticated Stored Cross-Site Scripting 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N June 11, 2019
Online Lesson Booking <= 0.8.6 - Cross-Site Scripting CVE-2019-5972 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 10, 2019
Attendance Manager <= 0.5.6 - Stored Cross-Site Scripting CVE-2019-5970 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N June 10, 2019

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation