Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in robosoft Robo Gallery robo-gallery allows Stored XSS.This issue affects Robo Gallery: from n/a through <= 5.0.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Charitable charitable allows Stored XSS.This issue affects Charitable: from n/a through <= 1.8.5.1.

Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Easy PayPal Events easy-paypal-events-tickets allows Cross Site Request Forgery.This issue affects Easy PayPal Events: from n/a through <= 1.2.2.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Contact Form 7 – PayPal & Stripe Add-on contact-form-7-paypal-add-on allows Stored XSS.This issue affects Contact Form 7 – PayPal & Stripe Add-on: from n/a through <= 2.3.4.

Cross-Site Request Forgery (CSRF) vulnerability in Scott Paterson Accept Donations with PayPal & Stripe easy-paypal-donation allows Stored XSS.This issue affects Accept Donations with PayPal & Stripe: from n/a through <= 1.4.5.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Paterson Time Clock time-clock allows Stored XSS.This issue affects Time Clock: from n/a through <= 1.2.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Seb WP DPE-GES wp-dpe-ges allows DOM-Based XSS.This issue affects WP DPE-GES: from n/a through <= 1.6.

Cross-Site Request Forgery (CSRF) vulnerability in Eli ELI's Related Posts Footer Links and Widget spostarbust allows Stored XSS.This issue affects ELI's Related Posts Footer Links and Widget: from n/a through <= 1.2.04.20.

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows PHP Local File Inclusion.This issue affects Display Eventbrite Events: from n/a through < 6.3.

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ajay Top 10 top-10 allows Stored XSS.This issue affects Top 10: from n/a through <= 4.1.0.