Plainware Shiftcontroller

4 CVEs affecting Plainware Shiftcontroller. Latest disclosed: 2024-10-04. Critical: 0, High: 1.

Top CVEs affecting Plainware Shiftcontroller
CVESeverityScorePublishedSummary
CVE-2023-29424High7.12023-06-26Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plainware ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions.
CVE-2024-9435Medium6.12024-10-04The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and incl…
CVE-2023-1978Medium6.12023-06-09The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and…
CVE-2023-29425Medium5.42023-11-12Cross-Site Request Forgery (CSRF) vulnerability in plainware.Com ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions.