WordPress Plugin Vulnerabilities

Time Sheets < 1.5.2 - Multiple XSS

Description

The Time Sheets WordPress plugin was affected by a Multiple XSS security vulnerability.

Affects Plugins

Plugin icon
time-sheets
Fixed in 1.5.2

References

CVE
CVE-2017-18582
CVE
CVE-2017-18581

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
6.1 (medium)

Miscellaneous

Verified
No
WPVDB ID
8da9e39a-c960-4d31-8a16-c5cea320c6de

Timeline

Publicly Published
2017-02-19 (about 9 years ago)
Added
2019-08-22 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2023-01-20
Title
Heateor Social Comments < 1.6.2 - Contributor+ Stored XSS
Published
2018-05-28
Title
Site Reviews <= 2.15.2 - Cross-Site Scripting (XSS)
Published
2022-04-06
Title
Content Egg < 5.3.0 - Reflected Cross-Site Scripting
Published
2025-11-20
Title
WPSite Shortcode <= 1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
Published
2024-06-04
Title
Brizy – Page Builder < 2.4.44 - Authenticated (Contributor+) Store Cross-Site Scripting via Widget Link To URL