Muhammad Yudha - Dj

Name of the Vulnerable Software and Affected Versions: Dynamic Text Field For Contact Form 7 versions through 1.0 Description: The software contains an Improper Neutralization of Input During Web Page Generation vulnerability, which allows for Stored Cross-site Scripting (XSS). Recommendations: Update to a version later than 1.0.

Name of the Vulnerable Software and Affected Versions: Joe Dolson My Tickets versions through 2.0.22 Description: The software contains an improper neutralization of input during web page generation, leading to a cross-site scripting (XSS) issue. This allows for stored XSS attacks. Recommendations: Update Joe Dolson My Tickets to a version later than 2.0.22.

Name of the Vulnerable Software and Affected Versions: AntoineH Football Pool versions through 2.12.6 Description: The software contains an improper neutralization of input during web page generation, leading to a cross-site scripting issue. The vulnerability allows for stored cross-site scripting (XSS). Recommendations: Update AntoineH Football Pool to a version later than 2.12.6.

Name of the Vulnerable Software and Affected Versions: Additional Custom Product Tabs for WooCommerce versions through 1.7.3 Description: The software contains a cross-site scripting (XSS) issue due to improper neutralization of input during web page generation. This allows for stored XSS attacks. Recommendations: Update Additional Custom Product Tabs for WooCommerce to a version later than 1.7.3.

**Name of the Vulnerable Software and Affected Versions** mulscully Today's Date Inserter versions through 1.2.1 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting (XSS). **Recommendations** Update Today's Date Inserter to a version later than 1.2.1.

**Name of the Vulnerable Software and Affected Versions** Easy Flash Embed versions through 1.0 **Description** The software contains a cross-site scripting (XSS) issue due to improper neutralization of input during web page generation. This allows for stored XSS attacks. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WP Flow Plus versions through 5.2.5 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting (XSS). **Recommendations** Update WP Flow Plus to a version later than 5.2.5.

**Name of the Vulnerable Software and Affected Versions** PDF for WPForms versions through 6.2.1 **Description** The software contains a cross-site scripting (XSS) vulnerability due to improper neutralization of input during web page generation. This allows for stored XSS attacks. **Recommendations** Update PDF for WPForms to a version later than 6.2.1.

**Name of the Vulnerable Software and Affected Versions** Amuse Labs PuzzleMe for WordPress versions through 1.2.0 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting (XSS). **Recommendations** Update PuzzleMe for WordPress to a version later than 1.2.0.

**Name of the Vulnerable Software and Affected Versions** Bohemia Plugins Event Feed for Eventbrite versions through 1.3.2 **Description** The software contains a DOM-Based Cross-site Scripting (XSS) issue due to improper neutralization of input during web page generation. **Recommendations** Update Bohemia Plugins Event Feed for Eventbrite to a version later than 1.3.2.

**Name of the Vulnerable Software and Affected Versions** falselight Exchange Rates versions n/a through 1.2.5 **Description** falselight Exchange Rates is susceptible to a cross-site scripting (XSS) issue due to improper neutralization of input during web page generation. The vulnerability allows for stored XSS attacks. **Recommendations** Update falselight Exchange Rates to a version later than 1.2.5.

**Name of the Vulnerable Software and Affected Versions** RumbleTalk Live Group Chat versions through 6.3.5 **Description** RumbleTalk Live Group Chat is susceptible to a cross-site scripting (XSS) issue due to improper neutralization of input during web page generation. This allows for stored XSS attacks. **Recommendations** Update RumbleTalk Live Group Chat to a version later than 6.3.5.

**Name of the Vulnerable Software and Affected Versions** IssueM versions through 2.9.0 **Description** The software contains a DOM-Based Cross-Site Scripting (XSS) issue due to improper neutralization of input during web page generation. **Recommendations** Update IssueM to a version later than 2.9.0.

**Name of the Vulnerable Software and Affected Versions** Dadevarzan WordPress Common versions through 2.2.2 **Description** The software contains a cross-site scripting (XSS) issue due to improper neutralization of input during web page generation. This allows for stored XSS attacks. **Recommendations** Update Dadevarzan WordPress Common to a version later than 2.2.2.

**Name of the Vulnerable Software and Affected Versions** Deetronix Booking Ultra Pro versions through 1.1.21 **Description** This issue allows for Stored Cross-Site Scripting (XSS). The vulnerability is due to improper neutralization of input during web page generation. **Recommendations** Update Deetronix Booking Ultra Pro to a version later than 1.1.21.

**Name of the Vulnerable Software and Affected Versions** stanton119 WordPress HTML versions through 0.51 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting (XSS). **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** mibuthu Link View versions through 0.8.0 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting (XSS). **Recommendations** Update mibuthu Link View to a version later than 0.8.0.

**Name of the Vulnerable Software and Affected Versions** ItayXD Responsive Mobile-Friendly Tooltip versions through 1.6.6 **Description** The software contains an Improper Neutralization of Input During Web Page Generation issue, which allows for Stored Cross-site Scripting (XSS). **Recommendations** Update ItayXD Responsive Mobile-Friendly Tooltip to a version later than 1.6.6.

**Name of the Vulnerable Software and Affected Versions** bxSlider integration for WordPress versions through 1.7.2 **Description** The Vincent Mimoun-Prat bxSlider integration for WordPress contains a Stored Cross-Site Scripting (XSS) issue. The flaw resides in improper neutralization of input during web page generation, allowing malicious code injection. **Recommendations** Update bxSlider integration for WordPress to a version later than 1.7.2.

Name of the Vulnerable Software and Affected Versions: Bold Page Builder versions through 5.4.3 Description: A Stored Cross-site Scripting (XSS) issue exists in Bold Page Builder. This allows for the injection of malicious scripts into web pages. Recommendations: Update Bold Page Builder to a version later than 5.4.3.