Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bestwebsoft vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-28778
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Pagination plugin <= 1.2.2 versions.
Bestwebsoft Pagination
NA
CVE-2014-125102
A vulnerability classified as problematic was found in Bestwebsoft Relevant Plugin up to 1.0.7 on WordPress. Affected by this vulnerability is an unknown functionality of the component Thumbnail Handler. The manipulation leads to information disclosure. The attack can be launched...
Bestwebsoft Relevant
NA
CVE-2014-125103
A vulnerability was found in BestWebSoft Twitter Plugin up to 1.3.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function twttr_settings_page of the file twitter.php. The manipulation of the argument twttr_url_twitter/bws_license_key/bw...
Bestwebsoft Twitter
605
VMScore
CVE-2020-8658
The BestWebSoft Htaccess plugin up to and including 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF. The flag htccss_nonce_name passes the nonce to WordPress but the plugin does not validate it correctly, resulting in a wrong implem...
Bestwebsoft Htaccess
1 Github repository
356
VMScore
CVE-2021-25121
The Rating by BestWebSoft WordPress plugin prior to 1.6 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service on the post/page when a user submit such rating
Bestwebsoft Rating
NA
CVE-2015-10127
A vulnerability was found in PlusCaptcha Plugin up to 2.0.6 on WordPress and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.14 is able t...
Bestwebsoft Pluscaptcha
NA
CVE-2023-0764
The Gallery by BestWebSoft WordPress plugin prior to 4.7.0 does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scription vulnerability. The attacker must have at least the privileges of the Author role.
Bestwebsoft Gallery
383
VMScore
CVE-2017-18501
The social-login-bws plugin prior to 0.2 for WordPress has multiple XSS issues.
Bestwebsoft Social Login
383
VMScore
CVE-2017-18505
The twitter-plugin plugin prior to 2.55 for WordPress has XSS.
Bestwebsoft Twitter Button
NA
CVE-2023-6250
The BestWebSoft's Like & Share WordPress plugin prior to 2.74 discloses the content of password protected posts to unauthenticated users via a meta tag
Bestwebsoft Like \\& Share
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »