Filtered by vendor Yofla
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-13823 | 1 Yofla | 1 360 Product Rotation | 2025-06-10 | N/A | 6.1 MEDIUM |
| The 360 Product Rotation WordPress plugin through 1.5.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users. | |||||
| CVE-2019-15082 | 1 Yofla | 1 360 Product Rotation | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The 360-product-rotation plugin before 1.4.8 for WordPress has reflected XSS. | |||||