Latest Bestwebsoft Vulnerabilities

BestWebSoft's Like & Share < 2.74 - Unauthenticated Password Protected Post Read
Bestwebsoft Like & Share<2.74
PlusCaptcha Plugin cross site scripting
<=2.0.6
BestWebSoft Portfolio Plugin bws_menu.php bws_add_menu_render cross site scripting
<2.28
BestWebSoft Portfolio Plugin cross-site request forgery
<2.06
WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.0 is vulnerable to SQL Injection
Bestwebsoft Contact Form To Db<=1.7.0
WordPress Post to CSV by BestWebSoft Plugin <= 1.4.0 is vulnerable to CSV Injection
Bestwebsoft Post To Csv<=1.4.0
WordPress Contact Form to DB by BestWebSoft Plugin <= 1.7.1 is vulnerable to SQL Injection
Bestwebsoft Contact Form To Db<=1.7.1
The Profile Extra Fields by BestWebSoft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the prflxtrflds_export_file function in versions up to, a...
Bestwebsoft Profile Extra Fields<=1.2.7
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Pagination plugin <= 1.2.2 versions.
Bestwebsoft Pagination<=1.2.2
A vulnerability was found in BestWebSoft Twitter Plugin up to 1.3.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function twttr_settings_page of the file tw...
Bestwebsoft Twitter<=1.3.2
<=1.3.2
A vulnerability was found in BestWebSoft Twitter Plugin up to 2.14 on WordPress. It has been classified as problematic. Affected is the function twttr_settings_page of the file twitter.php of the comp...
Bestwebsoft Twitter<2.15
<2.15
A vulnerability classified as problematic was found in Bestwebsoft Relevant Plugin up to 1.0.7 on WordPress. Affected by this vulnerability is an unknown functionality of the component Thumbnail Handl...
Bestwebsoft Relevant<1.0.8
<1.0.8
A vulnerability classified as problematic was found in BestWebSoft Job Board Plugin 1.0.0 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The att...
Bestwebsoft Job Board=1.0.0
=1.0.0
The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not properly escape values used in SQL queries, leading to a Blind SQL Injection vulnerability. The attacker must have at least the privi...
Bestwebsoft Gallery<4.7.0
The Gallery by BestWebSoft WordPress plugin before 4.7.0 does not perform proper sanitization of gallery information, leading to a Stored Cross-Site Scripting vulnerability. The attacker must have at ...
Bestwebsoft Gallery<4.7.0
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Car Rental by BestWebSoft plugin <= 1.1.2 versions.
Bestwebsoft Car Rental<=1.1.2
A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33. Affected is the function fcbkbttn_settings_page of the file facebook-button-plugin.php. ...
Bestwebsoft Facebook Button<2.34
<2.34
A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbk_bttn_plgn_settings_page of the file fac...
Bestwebsoft Facebook Button<=2.13
<=2.13
A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrm_settings_page of the file contact_form.php. The manipulation leads...
Bestwebsoft Contact Form=3.21
=3.21
A vulnerability was found in BestWebSoft Contact Form Plugin 1.3.4 on WordPress and classified as problematic. Affected by this issue is the function bws_add_menu_render of the file bws_menu/bws_menu....
Bestwebsoft Contact Form=1.3.4
=1.3.4
A vulnerability, which was classified as problematic, has been found in BestWebSoft Contact Form Plugin 3.51 on WordPress. Affected by this issue is the function cntctfrm_display_form/cntctfrm_check_f...
Bestwebsoft Contact Form=3.51
=3.51
The User Role by BestWebSoft WordPress plugin before 1.6.7 does not protect against CSRF in requests to update role capabilities, leading to arbitrary privilege escalation of any role.
Bestwebsoft User Role<1.6.7
The Post to CSV by BestWebSoft WordPress plugin through 1.4.0 does not properly escape fields when exporting data as CSV, leading to a CSV injection
Bestwebsoft Post To Csv<=1.4.0
The Rating by BestWebSoft WordPress plugin before 1.6 does not validate the submitted rating, allowing submission of a long integer, causing a Denial of Service on the post/page when a user submits such ...
Bestwebsoft Rating<1.6
A vulnerability classified as problematic has been found in BestWebSoft Contact Form Plugin 4.0.0. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is po...
Bestwebsoft Contact Form=4.0.0
The Error Log Viewer WordPress plugin through 1.1.1 does not validate the path of the log file to clear, allowing high privilege users to clear arbitrary files on the web server, including those outsi...
Bestwebsoft Error Log Viewer<=1.1.1
The Visitors WordPress plugin through 0.3 is affected by an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. The plugin would display the user's user agent string without validation or...
Bestwebsoft Visitors Online<=0.3
The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF. The flag htccss_nonce_name passes the nonce to WordPress but the pl...
Bestwebsoft Htaccess<=1.8.1
The relevant plugin before 1.0.8 for WordPress has XSS.
Bestwebsoft Relevant<1.0.8
The quotes-and-tips plugin before 1.20 for WordPress has XSS.
Bestwebsoft Quotes And Tips<1.20
The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues.
Bestwebsoft Timesheet<0.1.5
The limit-attempts plugin before 1.1.1 for WordPress has SQL injection during IP address handling.
Bestwebsoft Limit Attempts<1.1.1
The contact-form-plugin plugin before 3.3.5 for WordPress has XSS.
Bestwebsoft Contact Form<3.3.5
The pdf-print plugin before 2.0.3 for WordPress has multiple XSS issues.
Bestwebsoft Pdf & Print<2.0.3
The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues.
Bestwebsoft Error Log Viewer<1.0.6
The sender plugin before 1.2.1 for WordPress has multiple XSS issues.
Bestwebsoft Sender<1.2.1
The updater plugin before 1.35 for WordPress has multiple XSS issues.
Bestwebsoft Updater<1.35
The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues.
Bestwebsoft Google Maps<1.3.6
The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues.
Bestwebsoft Testimonials<0.1.9
The bws-google-analytics plugin before 1.7.1 for WordPress has multiple XSS issues.
Bestwebsoft Google Analytics<1.7.1
The visitors-online plugin before 1.0.0 for WordPress has multiple XSS issues.
Bestwebsoft Visitors Online<1.0.0
The user-role plugin before 1.5.6 for WordPress has multiple XSS issues.
Bestwebsoft User Role<1.5.6
The pagination plugin before 1.0.7 for WordPress has multiple XSS issues.
Bestwebsoft Pagination<1.0.7
The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues.
Bestwebsoft Pdf & Print<1.9.4
The realty plugin before 1.1.0 for WordPress has multiple XSS issues.
Bestwebsoft Realty<1.1.0
The promobar plugin before 1.1.1 for WordPress has multiple XSS issues.
Bestwebsoft Promobar<1.1.1
The rating-bws plugin before 0.2 for WordPress has multiple XSS issues.
Bestwebsoft Rating<0.2
The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues.
Bestwebsoft Smtp<1.1.0
The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues.
Bestwebsoft Pinterest<1.0.5
The zendesk-help-center plugin before 1.0.5 for WordPress has multiple XSS issues.
Bestwebsoft Zendesk Help Center<1.0.5
