Plainware Shiftcontroller
4 CVEs affecting Plainware Shiftcontroller. Latest disclosed: 2024-10-04. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-29424 | High | 7.1 | 2023-06-26 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plainware ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions. |
CVE-2024-9435 | Medium | 6.1 | 2024-10-04 | The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and incl… |
CVE-2023-1978 | Medium | 6.1 | 2023-06-09 | The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and… |
CVE-2023-29425 | Medium | 5.4 | 2023-11-12 | Cross-Site Request Forgery (CSRF) vulnerability in plainware.Com ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions. |