Common Vulnerabilities

In the Lana Codes Common Vulnerability Database (LANACOMMONVDB), we collect the vulnerabilities we discover in other systems and provide standard descriptions.

CVE ID:

CVE-2023-0589

WordPress Plugin

wp-image-carousel <= 1.0.2

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2023-0538

WordPress Plugin

campaign-url-builder <= 1.8.1

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2023-0491

WordPress Plugin

schedulicity-online-appointment-booking <= 2.21

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2023-0492

WordPress Plugin

gs-woocommerce-products-slider <= 1.5.8

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2023-0539

WordPress Plugin

gs-instagram-portfolio <= 1.4.4

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2023-0540

WordPress Plugin

gs-portfolio <= 1.6.0

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2023-0541

WordPress Plugin

gs-books-showcase <= 1.3.0

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2023-0559

WordPress Plugin

gs-envato-portfolio <= 1.3.8

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2023-0535

WordPress Plugin

donations-block <= 2.0.0

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More

CVE ID:

CVE-2023-0362

WordPress Plugin

themify-portfolio-post <= 1.2.1

Vulnerability Type:

Cross-Site Scripting (XSS)

The plugin does not sanitize and escapes some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting (XSS) attacks.

Read More