Noorsplugin

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-49627 1Noorsplugin 1Wordpress Image Seo Jun 17, 2026 Oct 20, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in Noor Alam WordPress Image SEO allows Cross Site Request Forgery.This issue affects WordPress Image SEO: from n/a through 1.1.4.
CVE-2023-51689 1Noorsplugin 1Easy Video Player Jun 17, 2026 Feb 1, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in naa986 Easy Video Player allows Stored XSS.This issue affects Easy Video Player: from n/a through 1.2.2.10.
CVE-2023-52143 1Noorsplugin 1Wp Stripe Checkout Jun 17, 2026 Jan 5, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Naa986 WP Stripe Checkout.This issue affects WP Stripe Checkout: from n/a through 1.2.2.37.
CVE-2022-3987 1Noorsplugin 1Responsive Lightbox2 Jun 17, 2026 Dec 19, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to p...Show more The Responsive Lightbox2 WordPress plugin before 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacksShow less
CVE-2022-3986 1Noorsplugin 1Wp Stripe Checkout Jun 17, 2026 Dec 19, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to...Show more The WP Stripe Checkout WordPress plugin before 1.2.2.21 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacksShow less
CVE-2022-3983 1Noorsplugin 1Checkout For Paypal Jun 17, 2026 Dec 19, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Checkout for PayPal WordPress plugin before 1.0.14 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to p...Show more The Checkout for PayPal WordPress plugin before 1.0.14 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacksShow less
CVE-2022-3937 1Noorsplugin 1Easy Video Player Jun 17, 2026 Dec 19, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Easy Video Player WordPress plugin before 1.2.2.3 does not sanitize and escapes some parameters, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks.