Plainware Shiftcontroller Employee Shift Scheduling
5 CVEs affecting Plainware Shiftcontroller Employee Shift Scheduling. Latest disclosed: 2024-10-06. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-4733 | High | 7.5 | 2024-05-16 | The ShiftController Employee Shift Scheduling plugin is vulnerable to PHP Object Injection via deserialization of untrusted input via the `hc3_session`-cookie… |
CVE-2023-29424 | High | 7.1 | 2023-06-26 | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Plainware ShiftController Employee Shift Scheduling plugin <= 4.9.23 versions. |
CVE-2024-9435 | Medium | 6.1 | 2024-10-04 | The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and incl… |
CVE-2023-1978 | Medium | 6.1 | 2023-06-09 | The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and… |
CVE-2024-44040 | Medium | 5.9 | 2024-10-06 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in plainware ShiftController Employee Shift Scheduling shift… |