Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bestwebsoft vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2023-4469
The Profile Extra Fields by BestWebSoft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the prflxtrflds_export_file function in versions up to, and including, 1.2.7. This makes it possible for unauthenticated malicious users ...
Bestwebsoft Profile Extra Fields
6.1
CVSSv3
CVE-2017-18562
The error-log-viewer plugin prior to 1.0.6 for WordPress has multiple XSS issues.
Bestwebsoft Error Log Viewer
6.1
CVSSv3
CVE-2017-18493
The custom-admin-page plugin prior to 0.1.2 for WordPress has multiple XSS issues.
Bestwebsoft Custom Admin Page
5.4
CVSSv3
CVE-2017-20055
A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to initiate the attack remotely. The exploit has been disclosed to the pu...
Bestwebsoft Contact Form 4.0.0
6.1
CVSSv3
CVE-2013-10022
A vulnerability, which was classified as problematic, has been found in BestWebSoft Contact Form Plugin 3.51 on WordPress. Affected by this issue is the function cntctfrm_display_form/cntctfrm_check_form of the file contact_form.php. The manipulation leads to cross site scripting...
Bestwebsoft Contact Form 3.51
6.1
CVSSv3
CVE-2014-125095
A vulnerability was found in BestWebSoft Contact Form Plugin 1.3.4 on WordPress and classified as problematic. Affected by this issue is the function bws_add_menu_render of the file bws_menu/bws_menu.php. The manipulation of the argument bwsmn_form_email leads to cross site scrip...
Bestwebsoft Contact Form 1.3.4
6.1
CVSSv3
CVE-2017-18490
The contact-form-multi plugin prior to 1.2.1 for WordPress has multiple XSS issues.
Bestwebsoft Contact Form Multi
6.1
CVSSv3
CVE-2017-18500
The social-buttons-pack plugin prior to 1.1.1 for WordPress has multiple XSS issues.
Bestwebsoft Social Buttons Pack
6.1
CVSSv3
CVE-2017-18542
The zendesk-help-center plugin prior to 1.0.5 for WordPress has multiple XSS issues.
Bestwebsoft Zendesk Help Center
6.5
CVSSv3
CVE-2021-24761
The Error Log Viewer WordPress plugin prior to 1.1.2 does not perform nonce check when deleting a log file and does not have path traversal prevention, which could allow malicious users to make a logged in admin delete arbitrary text files on the web server.
Bestwebsoft Error Log Viewer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »